PT-2026-39538 · Cpan+2 · Net-Cidr-Lite+2

Stigtsp

·

Published

2026-05-10

·

Updated

2026-06-18

·

CVE-2026-45190

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.24
Description Net::CIDR::Lite for Perl fails to properly validate IP address and CIDR mask inputs. Inputs containing non-ASCII digit characters or a trailing newline pass validation but are re-encoded by the parser into an address different from the original input string. This can cause the find() and bin find() functions to incorrectly match or miss addresses, potentially leading to an IP Access Control List (ACL) bypass.
Recommendations Update to version 0.24 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-45190
OPENSUSE-SU-2026:10780-1
USN-8453-1

Affected Products

Linuxmint
Net-Cidr-Lite
Ubuntu