HIGH🇬🇧 English

CVE-2026-49942

CVSS 7.3v3.1pub. 2026-06-04upd. 2026-06-08

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One (U+0661), or non-digits, which were ignored. This could allow network masks to accept larger networks. Leading zeros were also accepted, but treated as decimal instead of octal. This could lead to confusion about what networks are acceptable.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Rrwo Net\

    APP
    Rrwo
    \
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-49941HIGH7.5ten sam produkt

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the _encod...

CVE-2026-49940MEDIUM6.5ten sam produkt

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such...

CVE-2026-7040HIGH7.5ten sam vendor

Text::Minify::XS versions from 0.3.0 before 0.7.8 for Perl have a heap overflow when processing some malformed...