Unicode Handling Vulnerability in CryptX for Perl by LibTom
CVE-2025-40912

9.8CRITICAL

Key Information:

Vendor: Mik
Status: Cryptx
Vendor: CVE Published:; 11 June 2025

What is CVE-2025-40912?

CryptX for Perl, prior to version 0.065, contains a dependency on the tomcrypt library that may be prone to vulnerabilities associated with malformed unicode input. This can potentially lead to security risks as attackers exploit this flaw to manipulate data handling processes within the application, compromising its integrity and reliability.

Affected Version(s)

CryptX 0.002 < 0.065

References

https://github.com/libtom/libtomcrypt/issues/507

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Apr 16, 2025

Mik

What is CVE-2025-40912?

Affected Version(s)

References

CVSS V3.1

Timeline