CPANSA-Net-IPAddress-Util-2021-47156: Net-IPAddress-Util vulnerability
Publisher | giterlizzi | Document category | csaf_security_advisory |
---|---|---|---|
Initial release date | 2024-03-18T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
Current release date | 2024-03-18T00:00:00 | Build Date | |
Current version | 1 | Status | final |
CVSS v3.1 Base Score | 6.5 | Severity | |
Original language | Language | en | |
Also referred to |
Vulnerability Description
The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Vulnerabilities
CVE-2021-47156
Vulnerability DescriptionThe Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Weakness | CWE-1287 : Improper Validation of Specified Type of Input |
---|
Product status
Known affected
Product | Score | ||||||||
---|---|---|---|---|---|---|---|---|---|
Net-IPAddress-Util less than 5.000 |
|
Fixed
- Net-IPAddress-Util greater than or equal 5.000
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Net-IPAddress-Util-2021-47156 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2024/cpansa-net-ipaddress-util-2021-47156.json - https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ external
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ - https://metacpan.org/release/Net-IPAddress-Util external
https://metacpan.org/release/Net-IPAddress-Util - https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes external
https://metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changes - CVE-2021-47156 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2021-47156
Revision history
Version | Date of the revision | Summary of the revision |
---|---|---|
1 | Mon Mar 18 00:00:00 2024 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/