libnet-cidr-set-perl - Debian Package Tracker

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2025-40911: Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation. Net::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154.

Created: 2025-05-28 Last update: 2025-05-28 19:00

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2025-40911: Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation. Net::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154.

Created: 2025-05-28 Last update: 2025-05-28 19:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2025-40911: Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation. Net::CIDR::Set used code from Net::CIDR::Lite, which had a similar vulnerability CVE-2021-47154.

Created: 2025-05-28 Last update: 2025-05-28 19:00

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: missing blob object '1aadd5edcc76fa691315b6c97b435e08905fccfe' error: remote did not send all necessary objects

Created: 2025-05-28 Last update: 2025-05-28 16:34