Net-IP-LPM-1.10

Security Advisories (1)

CVE-2025-40910 (2025-06-27)

Net::IP::LPM version 1.10 for Perl does not properly consider leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are intentionally using octal notation, as well as users who believe they are using decimal notation.

https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/
https://metacpan.org/release/TPODER/Net-IP-LPM-1.10/diff/TPODER/Net-IP-LPM-1.09/lib/Net/IP/LPM.pm
https://security.metacpan.org/patches/N/Net-IP-LPM/1.10/CVE-2025-40910-r1.patch

Changes for version 1.10

Socket6 module is not required starting with perl 5.14.0
removed bug #106168, thanks to jmaslak@antelope.net
buggy implementation of inet_pton in Ubuntu

Modules

Net::IP::LPM

Perl implementation of Longest Prefix Match algorithm

Other files

Changes
MANIFEST
META.yml
Makefile.PL
README

To install Net::IP::LPM, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::IP::LPM

CPAN shell

perl -MCPAN -e shell
install Net::IP::LPM

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 1.10

Modules

Other files

Module Install Instructions