Fluid Attacks Database

Description

Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 11	libcryptx-perl	=0.069-1 \|\| =0.073-1 \|\| =0.074-1 \|\| =0.075-1 \|\| =0.076-1 \|\| =0.077-1 \|\| =0.078-1 \|\| =0.080-1 \|\| =0.080-2 \|\| =0.081-1 \|\| =0.081-2 \|\| =0.082-1 \|\| =0.082.001-1 \|\| =0.084-1 \|\| =0.085-1 \|\| =0.087-1 \|\| =0.087-2	-
debian 12	libcryptx-perl	=0.077-1 \|\| =0.078-1 \|\| =0.080-1 \|\| =0.080-2 \|\| =0.081-1 \|\| =0.081-2 \|\| =0.082-1 \|\| =0.082.001-1 \|\| =0.084-1 \|\| =0.085-1 \|\| =0.087-1 \|\| =0.087-2	-
debian 13	libcryptx-perl	=0.085-1 \|\| =0.087-1 \|\| =0.087-2	-
debian 14	libcryptx-perl	=0.085-1 \|\| >=0 <0.087-1	0.087-1

Aliases

1. CVE-2025-409142. NVD-2025-409143. OSV-DEBIAN-2025-409144. OSV-2025-409145. SECURITY-TRACKER-CVE-2025-40914

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.