Medium severity6.5NVD Advisory· Published Mar 18, 2024· Updated Apr 15, 2026

CVE-2021-47156

Description

The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero characters in an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/nvd
metacpan.org/release/Net-IPAddress-Utilnvd
metacpan.org/release/PWBENNETT/Net-IPAddress-Util-5.000/changesnvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000