CVE-2025-40912
Status: Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-11

Last updated on: 2025-06-12

Assigner: CPANSec

Description
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode. CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.
Meta Information
Generated: 2026-05-07
AI Q&A generated: 2025-06-11
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the CryptX Perl module before version 0.065 because it uses a version of the LibTomCrypt library that improperly validates UTF-8 sequences during DER decoding. Specifically, the function that decodes UTF-8 strings accepts invalid UTF-8 sequences starting with bytes in the form '10xxxxxx', which should not be valid as the first byte. This causes incorrect length calculations of decoded strings, leading to potential out-of-bounds memory reads when processing crafted DER-encoded data such as X.509 certificates. The flaw can cause crashes (denial of service) or leak adjacent memory contents (information disclosure). [1]


How can this vulnerability impact me?

This vulnerability can impact you by allowing an attacker to cause a denial of service through application crashes when processing malicious DER-encoded data. Additionally, it can lead to information disclosure by leaking adjacent memory contents during decoding, potentially exposing sensitive information. This can happen if an attacker supplies specially crafted certificates or DER data to the vulnerable library. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by analyzing DER-encoded data, such as X.509 certificates, processed by vulnerable versions of CryptX (before 0.065) that embed LibTomCrypt version 1.18.2 or earlier. Detection involves checking for malformed UTF-8 sequences starting with bytes in the form '10xxxxxx' within DER data. While no specific commands are provided, you can use tools like 'openssl' to inspect certificates and scripts to parse DER data for invalid UTF-8 sequences. Monitoring application logs for crashes or abnormal behavior during certificate processing may also indicate exploitation attempts. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading CryptX to version 0.065 or later, which contains a fixed version of the embedded LibTomCrypt library that properly validates UTF-8 sequences during DER decoding. If upgrading is not immediately possible, avoid processing untrusted DER-encoded data such as certificates, or apply input validation to reject malformed UTF-8 sequences. Additionally, monitor systems for crashes or unusual behavior related to certificate processing to detect potential exploitation. [1]
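As an added illustration, not code from CryptX, LibTomCrypt or this page, the C routine below shows the defender-side check that the explanation above describes and that the mitigation answer calls input validation: it walks the payload of a DER UTF8String, refuses any 10xxxxxx byte in lead position, and never reads past the declared buffer. The TLV wrapper is a simplification of this example: it assumes the UTF8String tag 0x0C and handles short-form lengths only (payloads under 128 bytes).

```c
#include <stddef.h>
#include <stdio.h>
/* Strict UTF-8 validation pass over the payload of a DER UTF8String.
 * Returns 0 and stores the number of code points in *count, or -1 if the
 * bytes are malformed. Constructed example, not LibTomCrypt's decoder. */
int utf8_count_codepoints(const unsigned char *in, size_t inlen, size_t *count)
{
    size_t i = 0, n = 0;
    while (i < inlen) {
        unsigned char b = in[i];
        size_t extra;                             /* continuation bytes expected */
        if (b < 0x80)                extra = 0;   /* 0xxxxxxx */
        else if ((b & 0xE0) == 0xC0) extra = 1;   /* 110xxxxx */
        else if ((b & 0xF0) == 0xE0) extra = 2;   /* 1110xxxx */
        else if ((b & 0xF8) == 0xF0) extra = 3;   /* 11110xxx */
        else return -1;   /* 10xxxxxx or 11111xxx is never a valid lead byte */
        /* Bound every read to the buffer: a truncated sequence is an error,
         * not a reason to read past inlen. */
        if (inlen - i < extra + 1) return -1;
        for (size_t k = 1; k <= extra; k++)
            if ((in[i + k] & 0xC0) != 0x80) return -1;
        i += extra + 1;
        n++;
    }
    *count = n;
    return 0;
}
/* Check one DER UTF8String TLV. Assumes tag 0x0C and a short-form length
 * (payload under 128 bytes); long-form lengths are rejected, not parsed. */
int der_utf8string_check(const unsigned char *der, size_t derlen, size_t *count)
{
    if (derlen < 2 || der[0] != 0x0C) return -1;
    if (der[1] & 0x80) return -1;              /* long-form length: not handled */
    size_t len = der[1];
    if (derlen - 2 < len) return -1;           /* declared length exceeds buffer */
    return utf8_count_codepoints(der + 2, len, count);
}
int main(void)
{
    /* Constructed inputs: a valid string and one led by a 10xxxxxx byte. */
    const unsigned char good[] = {0x0C, 0x06, 'h', 0xC3, 0xA9, 'l', 'l', 'o'};
    const unsigned char bad[]  = {0x0C, 0x03, 0x80, 'a', 'b'};
    size_t n = 0;
    int rc = der_utf8string_check(good, sizeof good, &n);
    printf("good: rc=%d codepoints=%zu\n", rc, n);
    printf("bad:  rc=%d\n", der_utf8string_check(bad, sizeof bad, &n));
    return 0;
}
```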

