CPANSA-Net-CIDR-Lite-2021-47154: Net-CIDR-Lite vulnerability
Publisher | giterlizzi | Document category | csaf_security_advisory |
---|---|---|---|
Initial release date | 2024-03-18T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
Current release date | 2024-03-18T00:00:00 | Build Date | |
Current version | 1 | Status | final |
CVSS v3.1 Base Score | 6.3 | Severity | |
Original language | Language | en | |
Also referred to |
Vulnerability Description
The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Vulnerabilities
CVE-2021-47154
Vulnerability DescriptionThe Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Product status
Known affected
Product | Score | ||||||||
---|---|---|---|---|---|---|---|---|---|
Net-CIDR-Lite less than 0.22 |
|
Fixed
- Net-CIDR-Lite greater than or equal 0.22
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Net-CIDR-Lite-2021-47154 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2024/cpansa-net-cidr-lite-2021-47154.json - https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ external
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ - https://github.com/stigtsp/Net-CIDR-Lite/commit/23b6ff0590dc279521863a502e890ef19a5a76fc external
https://github.com/stigtsp/Net-CIDR-Lite/commit/23b6ff0590dc279521863a502e890ef19a5a76fc - https://metacpan.org/dist/Net-CIDR-Lite/changes external
https://metacpan.org/dist/Net-CIDR-Lite/changes - https://metacpan.org/pod/Net::CIDR::Lite external
https://metacpan.org/pod/Net::CIDR::Lite - CVE-2021-47154 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2021-47154
Revision history
Version | Date of the revision | Summary of the revision |
---|---|---|
1 | Mon Mar 18 00:00:00 2024 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/