Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: perl5Packages.NetCIDR

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2021-4456

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

created 1 month, 2 weeks ago

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses. The documentation advises validating untrusted CIDR strings with the `cidrvalidate` function. However, this mitigation is optional and not enforced by default. In practice, users may call `addr2cidr` or `cidrlookup` with untrusted input and without validation, incorrectly assuming that this is safe.

References

Affected products

Net-CIDR

<0.24

Matching in nixpkgs

pkgs.perlPackages.NetCIDR

Manipulate IPv4/IPv6 netblocks in CIDR notation

nixos-unstable 0.21
- nixpkgs-unstable 0.21
- nixos-unstable-small 0.21
nixos-25.11 0.21
- nixos-25.11-small 0.21
- nixpkgs-25.11-darwin 0.21

pkgs.perl5Packages.NetCIDR

Manipulate IPv4/IPv6 netblocks in CIDR notation

nixos-unstable 0.21
- nixpkgs-unstable 0.21
- nixos-unstable-small 0.21

pkgs.perl538Packages.NetCIDR

Manipulate IPv4/IPv6 netblocks in CIDR notation

nixos-25.11 0.21
- nixos-25.11-small 0.21
- nixpkgs-25.11-darwin 0.21

pkgs.perl540Packages.NetCIDR

Manipulate IPv4/IPv6 netblocks in CIDR notation

nixos-25.11 0.21
- nixos-25.11-small 0.21
- nixpkgs-25.11-darwin 0.21

pkgs.perlPackages.NetCIDRLite

Perl extension for merging IPv4 or IPv6 CIDR addresses

nixos-unstable 0.22
- nixpkgs-unstable 0.22
- nixos-unstable-small 0.22
nixos-25.11 0.22
- nixos-25.11-small 0.22
- nixpkgs-25.11-darwin 0.22

pkgs.perl5Packages.NetCIDRLite

Perl extension for merging IPv4 or IPv6 CIDR addresses

nixos-unstable 0.22
- nixpkgs-unstable 0.22
- nixos-unstable-small 0.22

pkgs.perl538Packages.NetCIDRLite

Perl extension for merging IPv4 or IPv6 CIDR addresses

nixos-25.11 0.22
- nixos-25.11-small 0.22
- nixpkgs-25.11-darwin 0.22

pkgs.perl540Packages.NetCIDRLite

Perl extension for merging IPv4 or IPv6 CIDR addresses

nixos-25.11 0.22
- nixos-25.11-small 0.22
- nixpkgs-25.11-darwin 0.22

pkgs.perlPackages.RegexpCommonnetCIDR

Provide patterns for CIDR blocks

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03
nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl5Packages.RegexpCommonnetCIDR

Provide patterns for CIDR blocks

nixos-unstable 0.03
- nixpkgs-unstable 0.03
- nixos-unstable-small 0.03

pkgs.perl538Packages.RegexpCommonnetCIDR

Provide patterns for CIDR blocks

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

pkgs.perl540Packages.RegexpCommonnetCIDR

Provide patterns for CIDR blocks

nixos-25.11 0.03
- nixos-25.11-small 0.03
- nixpkgs-25.11-darwin 0.03

Package maintainers

@bjornfor Bjørn Forsman <bjorn.forsman@gmail.com>
@stigtsp Stig Palmquist <stig@stig.io>

1