Net-CIDR-0.20

Security Advisories (1)

CVE-2021-4456 (2026-02-27)

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact. The functions `addr2cidr` and `cidrlookup` may return leading zeros in a CIDR string, which may in turn be parsed as octal numbers by subsequent users. In some cases an attacker may be able to leverage this to bypass access controls based on IP addresses. The documentation advises validating untrusted CIDR strings with the `cidrvalidate` function. However, this mitigation is optional and not enforced by default. In practice, users may call `addr2cidr` or `cidrlookup` with untrusted input and without validation, incorrectly assuming that this is safe.

Changes for version 0.20

2019-04-16 Sam Varshavchik <mrsam@courier-mta.com>
- _ipcmp: handle comparison of mixed IPv4 and IPv6-specified addresses, allowing cidrlookup() to look up IPv6-mapped IPv4 addresses in IPv4 address ranges, and vice versa.

Modules

Net::CIDR

Manipulate IPv4/IPv6 netblocks in CIDR notation

Other files

To install Net::CIDR, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::CIDR

CPAN shell

perl -MCPAN -e shell
install Net::CIDR

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.20

Modules

Other files

Module Install Instructions

Keyboard Shortcuts