---

CVE-2021-29662 - log back

CVE-2021-29662 edited at 06 Apr 2021 09:56:07
References	+ https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/#data-validate-iphttpsmetacpanorgreleasedata-validate-ip + https://metacpan.org/pod/Data::Validate::IP#USAGE-AND-SECURITY-RECOMMENDATIONS https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e

CVE-2021-29662 edited at 31 Mar 2021 19:26:49
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Incorrect calculation
Description	+ The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses.
References	+ https://github.com/houseabsolute/Data-Validate-IP/commit/3bba13c819d616514a75e089badd75002fd4f14e
Notes

CVE-2021-29662 created at 31 Mar 2021 19:24:51