Описание
The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value.
EPSS
Процентиль: 3%
0.00015
Низкий
2.9 Low
CVSS3
Дефекты
CWE-180
Связанные уязвимости
CVSS3: 2.9
github
11 месяцев назад
The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value.
EPSS
Процентиль: 3%
0.00015
Низкий
2.9 Low
CVSS3
Дефекты
CWE-180