CVE-2021-47154

MEDIUM 6.3

CVSS Score

6.3

EPSS Score

0.0%

EPSS Percentile

0th

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Vendor	n/a
Product	n/a
Published	Mar 18, 2024
Last Updated	Nov 15, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new medium vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

blog.urth.org: https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/ metacpan.org: https://metacpan.org/pod/Net::CIDR::Lite github.com: https://github.com/stigtsp/Net-CIDR-Lite/commit/23b6ff0590dc279521863a502e890ef19a5a76fc metacpan.org: https://metacpan.org/dist/Net-CIDR-Lite/changes lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/03/msg00023.html