CVE-2025-40913

CVE-2025-40913: Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow

Vendor Atrodo
Product Net::Dropbear
Weakness CWE-1395
Published July 16, 2025
Last update July 16, 2025

CVSS base score

What the vulnerability does

01Description

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.

Key dates

02Disclosure timeline

July 16, 2025 CVE published
July 16, 2025 Record updated

Related vulnerabilities

04Related CVE