6 matches found
CVE-2026-45191 Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190...
CVE-2026-45191
Net::CIDR::Lite (Perl) is affected in versions before 0.24. The flaw is in CIDR mask handling: extraneous zero characters in masks are not properly validated, causing /00 and /01 (and other zero-padded forms) to pass validation and be parsed to the same prefix as the unpadded value, potentially a...
Linux Distros Unpatched Vulnerability : CVE-2021-4456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions addr2cidr and cidrlookup...
SUSE CVE-2006-6944
phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers...
SUSE CVE-2021-29662
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which in some situations allows attackers to bypass access control that is based on IP addresses...
UBUNTU-CVE-2021-29921
In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...