Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-47154

Good to know:

icon

Date: March 18, 2024

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Language: Perl

Severity Score

Related Resources (8)

https://github.com/stigtsp/Net-CIDR-Lite/commit/23b6ff0590dc279521863a502e890ef19a5a76fc
https://security-tracker.debian.org/tracker/CVE-2021-47154
https://metacpan.org/dist/Net-CIDR-Lite/changes
https://metacpan.org/pod/Net::CIDR::Lite
https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/
https://nvd.nist.gov/vuln/detail/CVE-2021-47154
https://lists.debian.org/debian-lts-announce/2024/03/msg00023.html
https://www.mend.io/vulnerability-database/CVE-2021-47154

Severity Score

Top Fix

icon

Upgrade Version

Upgrade to version 0.22

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): LOW

Do you need more information?

Contact Us