Severity by source
Sources disagree (Medium–Critical)AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vuln.today treats the vendor’s rating as authoritative. A higher third-party CVSS (e.g. CISA-ADP) is shown for transparency but does not drive the headline severity.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
CryptX for Perl before version 0.065 contains a dependency that may be susceptible to malformed unicode.
CryptX embeds the tomcrypt library. The versions of that library in CryptX before 0.065 may be susceptible to CVE-2019-17362.
AnalysisAI
A security vulnerability in CryptX (CVSS 9.8). Critical severity with potential for significant impact on affected systems. Vendor patch is available.
Technical ContextAI
Vulnerability type not specified by vendor. CVSS 9.8 indicates critical severity with likely remote exploitation vector. Affects CryptX.
RemediationAI
Apply the vendor-supplied patch immediately.
Same technique Information Disclosure
View allVendor StatusVendor
Ubuntu
Priority: Medium| Release | Status | Version |
|---|---|---|
| bionic | needs-triage | - |
| focal | needs-triage | - |
| jammy | not-affected | 0.076-1build1 |
| noble | not-affected | - |
| oracular | not-affected | - |
| plucky | not-affected | - |
| upstream | released | 0.066-1 |
| questing | not-affected | - |
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | fixed | 0.069-1 | - |
| bookworm | fixed | 0.077-1 | - |
| trixie | fixed | 0.085-1 | - |
| forky, sid | fixed | 0.087-1 | - |
| (unstable) | fixed | 0.066-1 | - |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-18140