VYPR

rpm package

opensuse/perl-Net-CIDR-Lite&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/perl-Net-CIDR-Lite&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2026-45191MedMay 10, 2026
    affected < 0.240.0-1.1fixed 0.240.0-1.1

    Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validation and parse to the same prefix as their unpadded value. See also CVE-2026-45190.

  • CVE-2026-45190MedMay 10, 2026
    affected < 0.240.0-1.1fixed 0.240.0-1.1

    Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different ad

  • CVE-2026-40199MedApr 10, 2026
    affected < 0.240.0-1.1fixed 0.240.0-1.1

    Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. _pack_ipv6() includes the sentinel byte from _pack_ipv4() when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces a

  • CVE-2026-40198HigApr 10, 2026
    affected < 0.240.0-1.1fixed 0.240.0-1.1

    Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. _pack_ipv6() does not check that uncompressed IPv6 addresses (without ::) have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and