By vendor
Rrwo vulnerabilities
Known CVEs affecting Rrwo products, prioritized by severity, with SEC.co remediation and detection guidance.
3 published vulnerabilities
- CVE-2026-49941HIGH 7.5
Net::CIDR::Set, a Perl library for managing IP address ranges, contains a flaw in how it parses IP addresses. When the library receives an improperly formatted IP address, instead of rejecting it, the code enters an infinite loop trying to process it. An attacker can exploit this by sending malformed input to applications using the vulnerable library, causing them to hang and become unresponsive. This is a denial-of-service vulnerability affecting versions up to and including 0.20.
- CVE-2026-49942HIGH 7.3
Net::CIDR::Set, a Perl library for managing CIDR network blocks, contains a validation flaw in versions through 0.20 that allows attackers to bypass network access controls. The vulnerability stems from improper handling of network masks—the library accepts Unicode digit characters (such as Arabic-Indic numerals) and non-digit characters in mask fields, treating them as valid input. Additionally, leading zeros in masks are processed as decimal rather than octal, creating confusion about which networks are actually permitted. Together, these issues can cause the library to accept significantly larger or differently scoped networks than intended, potentially allowing unauthorized traffic or connections that should have been blocked.
- CVE-2026-49940MEDIUM 6.5
Net::CIDR::Set, a Perl library for managing IP address ranges, has a parsing vulnerability in versions up to 0.20. The library incorrectly accepts non-ASCII Unicode digits (such as Arabic-Indic numerals) in IP addresses and network masks. Because these Unicode characters aren't properly converted to their numeric values, network masks may be parsed incorrectly, potentially causing the library to accept a broader range of IP addresses than intended. This could allow an attacker to bypass network access controls or firewall rules that rely on this library for IP validation.