CVE-2025-40914 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2025-40914 Interim 1 3 2025-09-22T07:44:27Z current 2025-06-11T23:13:01Z 2025-09-22T07:44:27Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2025-40914 Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Package Hub 15 SP6 openSUSE Leap 15.6 openSUSE Tumbleweed openQA-5.1757135418.ec726f9c-bp156.2.46.1 openQA-auto-update-5.1757135418.ec726f9c-bp156.2.46.1 openQA-bootstrap-5.1757135418.ec726f9c-bp156.2.46.1 openQA-client-5.1757135418.ec726f9c-bp156.2.46.1 openQA-common-5.1757135418.ec726f9c-bp156.2.46.1 openQA-continuous-update-5.1757135418.ec726f9c-bp156.2.46.1 openQA-devel-5.1757135418.ec726f9c-bp156.2.46.1 openQA-doc-5.1757135418.ec726f9c-bp156.2.46.1 openQA-local-db-5.1757135418.ec726f9c-bp156.2.46.1 openQA-mcp-5.1757135418.ec726f9c-bp156.2.46.1 openQA-munin-5.1757135418.ec726f9c-bp156.2.46.1 openQA-python-scripts-5.1757135418.ec726f9c-bp156.2.46.1 openQA-single-instance-5.1757135418.ec726f9c-bp156.2.46.1 openQA-single-instance-nginx-5.1757135418.ec726f9c-bp156.2.46.1 openQA-worker-5.1757135418.ec726f9c-bp156.2.46.1 os-autoinst-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-devel-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-ipmi-deps-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-openvswitch-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-qemu-kvm-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-qemu-x86-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-s390-deps-5.1757071172.ffc94dc-bp156.2.39.1 os-autoinst-swtpm-5.1757071172.ffc94dc-bp156.2.39.1 perl-CryptX-0.87.0-1.1 perl-CryptX-0.87.0-bp156.3.6.1 perl-IPC-Run-20231003.0.0-bp156.3.3.1 perl-JSON-Validator-5.150.0-bp156.2.3.1 perl-MCP-0.40.0-bp156.2.1 perl-Mojolicious-9.410.0-bp156.2.6.1 openQA-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-auto-update-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-bootstrap-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-client-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-common-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-continuous-update-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-devel-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-doc-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-local-db-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-mcp-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-munin-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-python-scripts-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-single-instance-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-single-instance-nginx-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 openQA-worker-5.1757135418.ec726f9c-bp156.2.46.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-devel-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-ipmi-deps-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-openvswitch-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-qemu-kvm-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-qemu-x86-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-s390-deps-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 os-autoinst-swtpm-5.1757071172.ffc94dc-bp156.2.39.1 as a component of SUSE Package Hub 15 SP6 perl-CryptX-0.87.0-bp156.3.6.1 as a component of SUSE Package Hub 15 SP6 perl-IPC-Run-20231003.0.0-bp156.3.3.1 as a component of SUSE Package Hub 15 SP6 perl-JSON-Validator-5.150.0-bp156.2.3.1 as a component of SUSE Package Hub 15 SP6 perl-MCP-0.40.0-bp156.2.1 as a component of SUSE Package Hub 15 SP6 perl-Mojolicious-9.410.0-bp156.2.6.1 as a component of SUSE Package Hub 15 SP6 openQA-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-auto-update-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-bootstrap-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-client-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-common-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-continuous-update-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-devel-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-doc-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-local-db-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-mcp-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-munin-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-python-scripts-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-single-instance-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-single-instance-nginx-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 openQA-worker-5.1757135418.ec726f9c-bp156.2.46.1 as a component of openSUSE Leap 15.6 os-autoinst-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-devel-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-ipmi-deps-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-openvswitch-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-qemu-kvm-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-qemu-x86-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-s390-deps-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 os-autoinst-swtpm-5.1757071172.ffc94dc-bp156.2.39.1 as a component of openSUSE Leap 15.6 perl-CryptX-0.87.0-bp156.3.6.1 as a component of openSUSE Leap 15.6 perl-IPC-Run-20231003.0.0-bp156.3.3.1 as a component of openSUSE Leap 15.6 perl-JSON-Validator-5.150.0-bp156.2.3.1 as a component of openSUSE Leap 15.6 perl-MCP-0.40.0-bp156.2.1 as a component of openSUSE Leap 15.6 perl-Mojolicious-9.410.0-bp156.2.6.1 as a component of openSUSE Leap 15.6 perl-CryptX-0.87.0-1.1 as a component of openSUSE Tumbleweed Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328. CVE-2025-40914 SUSE Package Hub 15 SP6:openQA-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-auto-update-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-bootstrap-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-client-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-common-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-continuous-update-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-devel-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-doc-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-local-db-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-mcp-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-munin-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-python-scripts-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-single-instance-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-single-instance-nginx-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:openQA-worker-5.1757135418.ec726f9c-bp156.2.46.1 SUSE Package Hub 15 SP6:os-autoinst-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-devel-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-ipmi-deps-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-openvswitch-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-qemu-kvm-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-qemu-x86-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-s390-deps-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:os-autoinst-swtpm-5.1757071172.ffc94dc-bp156.2.39.1 SUSE Package Hub 15 SP6:perl-CryptX-0.87.0-bp156.3.6.1 SUSE Package Hub 15 SP6:perl-IPC-Run-20231003.0.0-bp156.3.3.1 SUSE Package Hub 15 SP6:perl-JSON-Validator-5.150.0-bp156.2.3.1 SUSE Package Hub 15 SP6:perl-MCP-0.40.0-bp156.2.1 SUSE Package Hub 15 SP6:perl-Mojolicious-9.410.0-bp156.2.6.1 openSUSE Leap 15.6:openQA-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-auto-update-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-bootstrap-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-client-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-common-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-continuous-update-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-devel-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-doc-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-local-db-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-mcp-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-munin-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-python-scripts-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-single-instance-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-single-instance-nginx-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:openQA-worker-5.1757135418.ec726f9c-bp156.2.46.1 openSUSE Leap 15.6:os-autoinst-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-devel-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-ipmi-deps-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-openvswitch-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-qemu-kvm-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-qemu-x86-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-s390-deps-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:os-autoinst-swtpm-5.1757071172.ffc94dc-bp156.2.39.1 openSUSE Leap 15.6:perl-CryptX-0.87.0-bp156.3.6.1 openSUSE Leap 15.6:perl-IPC-Run-20231003.0.0-bp156.3.3.1 openSUSE Leap 15.6:perl-JSON-Validator-5.150.0-bp156.2.3.1 openSUSE Leap 15.6:perl-MCP-0.40.0-bp156.2.1 openSUSE Leap 15.6:perl-Mojolicious-9.410.0-bp156.2.6.1 openSUSE Tumbleweed:perl-CryptX-0.87.0-1.1 critical