Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/03 11:40 a.m.10 views

CVE-2026-9334

A flaw was found in perl-Cpanel-JSON-XS. This vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted JSON input with duplicate object keys. When the dupkeysasarrayref option is enabled, the decodehv function incorrectly processes the input, leading ...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References2
NVD
NVD
added 2026/06/03 1:16 a.m.16 views

CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

7.3CVSS0.00263EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/03 12:15 a.m.10 views

CVE-2026-9334 Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeys_as_arrayref is enabled

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

5.8AI score0.00263EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:15 a.m.27 views

CVE-2026-9334

Cpanel::JSON::XS (Perl) is affected by a type-confusion issue in decode_hv() for versions before 4.41 when dupkeys_as_arrayref is enabled. The code tests duplicate keys by evaluating SvTYPE (old_value) != SVt_RV && SvTYPE (SvRV (old_value)) != SVt_PVAV, which dereferences a value via SvRV(old_val...

7.3CVSS5.8AI score0.00263EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

Cpanel::JSON::XS 安全漏洞

Cpanel::JSON::XS is a tool developed by RURBAN for converting Perl data structures into JSON format. Versions of Cpanel::JSON::XS prior to version 4.41 contained security vulnerabilities. These vulnerabilities stemmed from the use of dupkeysasarrayref, which led to type confusion when repeated...

7.3CVSS5.3AI score0.00263EPSS
Exploits0References3
Rows per page
Query Builder