rpm package
opensuse/perl-Net-CIDR-Set&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/perl-Net-CIDR-Set&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-49941 | Hig | 7.5 | < 0.210.0-1.1 | 0.210.0-1.1 | Jun 4, 2026 | Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the _encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 3 | |
| CVE-2026-49940 | Med | 6.5 | < 0.210.0-1.1 | 0.210.0-1.1 | Jun 4, 2026 | Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One (U+0661) were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks. |
- affected < 0.210.0-1.1fixed 0.210.0-1.1
Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the _encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 3
- affected < 0.210.0-1.1fixed 0.210.0-1.1
Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One (U+0661) were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks.