Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2021-47154

HistoryMar 18, 2024 - 5:15 a.m.

CVE-2021-47154

2024-03-1805:15:06

Debian Security Bug Tracker

security-tracker.debian.org

net::cidr::lite

perl

ip addresses

access control

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

The Net::CIDR::Lite module before 0.22 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

OSVersionArchitecturePackageVersionFilename
Debian12alllibnet-cidr-lite-perl< 0.22-1libnet-cidr-lite-perl_0.22-1_all.deb
Debian11alllibnet-cidr-lite-perl< 0.22-1libnet-cidr-lite-perl_0.22-1_all.deb
Debian10alllibnet-cidr-lite-perl< 0.21-2+debu10u1libnet-cidr-lite-perl_0.21-2+debu10u1_all.deb
Debian999alllibnet-cidr-lite-perl< 0.22-1libnet-cidr-lite-perl_0.22-1_all.deb
Debian13alllibnet-cidr-lite-perl< 0.22-1libnet-cidr-lite-perl_0.22-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	libnet-cidr-lite-perl	< 0.22-1	libnet-cidr-lite-perl_0.22-1_all.deb
Debian	11	all	libnet-cidr-lite-perl	< 0.22-1	libnet-cidr-lite-perl_0.22-1_all.deb
Debian	10	all	libnet-cidr-lite-perl	< 0.21-2+debu10u1	libnet-cidr-lite-perl_0.21-2+debu10u1_all.deb
Debian	999	all	libnet-cidr-lite-perl	< 0.22-1	libnet-cidr-lite-perl_0.22-1_all.deb
Debian	13	all	libnet-cidr-lite-perl	< 0.22-1	libnet-cidr-lite-perl_0.22-1_all.deb