Advisories » MGASA-2026-0136

Updated perl-Net-CIDR-Lite packages fix security vulnerabilities

Publication date: 14 May 2026
Modification date: 14 May 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-45190 , CVE-2026-45191

Description

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate
IP address and CIDR mask inputs, which may allow IP ACL bypass.
(CVE-2026-45190)
Net::CIDR::Lite versions before 0.24 for Perl does not properly consider
extraneous zero characters in CIDR mask values, which may allow IP ACL
bypass. (CVE-2026-45191)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35506
• https://www.openwall.com/lists/oss-security/2026/05/10/6
• https://www.openwall.com/lists/oss-security/2026/05/10/7
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45190
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-45191

SRPMS

9/core

• perl-Net-CIDR-Lite-0.240.0-1.mga9