CVE-2026-49942

EPSS 0.31%
Veröffentlicht 04.06.2026 16:07:42
Zuletzt bearbeitet 08.06.2026 16:37:19
Quelle 9b29abf9-4ab0-4765-b253-1875cd
CVE-Watchlists
Login
Unerledigt
Login

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks

Net::CIDR::Set versions through 0.20 for Perl did not validate network masks.

The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One (U+0661), or non-digits, which were ignored.   This could allow network masks to accept larger networks.

Leading zeros were also accepted, but treated as decimal instead of octal.  This could lead to confusion about what networks are acceptable.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rrwo ≫ Net::cidr::set SwPlatformperl Version < 0.21

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.227

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.3	3.9	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-1289 Improper Validation of Unsafe Equivalence in Input

The product receives an input value that is used as a resource identifier or other type of reference, but it does not validate or incorrectly validates that the input is equivalent to a potentially-unsafe value.

https://metacpan.org/release/RRWO/Net-CIDR-Set-0.21/changes

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2025-40911

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2026-45191

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2026-49942

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-49942

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-49942

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-49942