Vulnerability Description
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rurban | Cpanel::JSON::XS | < 4.33 |
Related Weaknesses (CWE)
References
- https://github.com/briandfoy/cpan-security-advisory/blob/9374f98bef51e1ae887f293 (Product)
- https://github.com/rurban/Cpanel-JSON-XS/commit/41f32396eee9395a40f9ed80145c3762 (Patch)
- https://github.com/rurban/Cpanel-JSON-XS/issues/208 (Issue Tracking, Third Party Advisory)
- https://metacpan.org/release/RURBAN/Cpanel-JSON-XS-4.33/changes (Release Notes)
FAQ
What is CVE-2022-48623?
CVE-2022-48623 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
How severe is CVE-2022-48623?
CVE-2022-48623 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-48623?
Check the references section above for vendor advisories and patch information. Affected products include: Rurban Cpanel::JSON::XS.