Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-59436

Опубликовано: 16 сент. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.2

Описание

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

jammy

needs-triage

noble

needs-triage

plucky

ignored

end of life, was needs-triage
questing

needs-triage

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 5%
0.00022
Низкий

3.2 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-59436

CVSS3: 3.2
redhat
5 месяцев назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

nvd логотип

CVE-2025-59436

CVSS3: 3.2
nvd
5 месяцев назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

debian логотип

CVE-2025-59436

CVSS3: 3.2
debian
5 месяцев назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF b ...

github логотип

GHSA-qf5v-q897-m77r

CVSS3: 3.2
github
5 месяцев назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

EPSS

Процентиль: 5%
0.00022
Низкий

3.2 Low

CVSS3