Out-of-bounds Read in Tpoder Net::ip::lpm
CVE-2026-56015
Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add() passes the prefix string to the trie builder addPrefixToTrie() without checking it against the address width. addPrefixToTr…
Vulnerability class: Buffer Overflow
Affected products
- Tpoder Net::ip::lpm — versions 0
Weakness classification (CWE)
References
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (issue-tracking, vendor-advisory)
- 9b29abf9-4ab0-4765-b253-1875cd9b441e (patch)
- af854a3a-2127-422b-91ae-364da2661108