Unrated severityNVD Advisory· Published Mar 29, 2021· Updated Aug 3, 2024
CVE-2021-29424
CVE-2021-29424
Description
The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Perl/Net::Netmaskdescription
- Range: <2.0000
- osv-coords4 versionspkg:rpm/opensuse/perl-Net-Netmask&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/perl-Net-Netmask&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/perl-Net-Netmask&distro=SUSE%20Package%20Hub%2015%20SP4pkg:rpm/suse/perl-Net-Netmask&distro=SUSE%20Package%20Hub%2015%20SP5
< 1.9022-bp154.2.3.1+ 3 more
- (no CPE)range: < 1.9022-bp154.2.3.1
- (no CPE)range: < 1.9022-bp155.3.3.1
- (no CPE)range: < 1.9022-bp154.2.3.1
- (no CPE)range: < 1.9022-bp155.3.3.1
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CBJVLXJSWN6DKSF5ADUEERI6M23R3GGP/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JF4CYIZELC3NISB3RMV4OCI4GYBC557B/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y7JIPQAY5OZ5D3DA7INQILU7SGHTHMWB/mitrevendor-advisoryx_refsource_FEDORA
- blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/mitrex_refsource_MISC
- metacpan.org/changes/distribution/Net-Netmaskmitrex_refsource_MISC
- security.netapp.com/advisory/ntap-20210604-0007/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.