First published: Wed Mar 31 2021(Updated: )
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Data\ \ | <=0.29 | |
Netapp Snapcenter |
https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.