Cpanel-JSON-XS 3.0207
Security Advisories
Overflow during processing of ill-formed UTF-8 strings.
- https://github.com/rurban/Cpanel-JSON-XS/commit/f71768984ba7f50b0476c17a4f3b3f2ca88a6951
- https://github.com/dankogai/p5-encode/issues/64
Fixed version: >=3.0225
Reported: 2016-11-23
Possible overflows in av and hv length types.
Fixed version: >=3.0218
Reported: 2016-10-06
CVE-2022-48623
Wrong error messages/sometimes crashes or endless loops with invalid JSON in relaxed mode
- https://github.com/rurban/Cpanel-JSON-XS/issues/208
- https://nvd.nist.gov/vuln/detail/CVE-2022-48623
- https://github.com/rurban/Cpanel-JSON-XS/commit/41f32396eee9395a40f9ed80145c37622560de9b
- https://github.com/advisories/GHSA-44qr-8pf6-6q33
Fixed version: >=4.033
Reported: 2023-02-21
Kwalitee Issues
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Cpanel::JSON::XS, XS::Boolean
- valid_signature
-
Sign the dist as the last step before creating the archive. Take care not to modify/regenerate dist meta files or the manifest.
Error: Old SIGNATURE detected. Please inform the module author to regenerate SIGNATURE using Module::Signature version 0.82 or newer. gpg: Signature made Thu 03 Dec 2015 01:34:18 AM JST gpg: using DSA key 9A6D92628FFDC942 gpg: Can't check signature: No public key --- SIGNATURE Thu Dec 3 01:34:20 2015 +++ @@ -5,7 +5,7 @@ SHA1 3d2627f9875cc76ee10c3d0e3840f11e63e90e1c META.json SHA1 109b9cfe05f5658aa66beefa0d71d13934463de6 META.yml SHA1 90a51c05087f4e3eba0714a4c6ccf27d6eb0bd82 Makefile.PL -SHA1 113b28fae877aad547305bb54543218fb1536a82 README +SHA1 ded9ed5ee285b53370cc255b411cca282c4195da README SHA1 415e2ef1a797702c36ecd31ea7becce97badc91d XS.pm SHA1 f3ee817a1267fb4991529adf0b70aefd4158a66c XS.xs SHA1 27b0bc7e0cd6fe90876fb3d285065c6a07cca028 XS/Boolean.pm ==> MISMATCHED content between SIGNATURE and distribution files! <==
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Cpanel::JSON::XS, XS::Boolean
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Cpanel::JSON::XS | Cpanel fork of JSON::XS, fast and correct serialising | 3.0207 | metacpan |