Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-59436

Опубликовано: 16 сент. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.2

Описание

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

РелизСтатусПримечание
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

jammy

needs-triage

noble

needs-triage

plucky

needs-triage

questing

needs-triage

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 4%
0.00018
Низкий

3.2 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-59436

CVSS3: 3.2
redhat
3 месяца назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

nvd логотип

CVE-2025-59436

CVSS3: 3.2
nvd
3 месяца назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

debian логотип

CVE-2025-59436

CVSS3: 3.2
debian
3 месяца назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF b ...

github логотип

GHSA-qf5v-q897-m77r

CVSS3: 3.2
github
3 месяца назад

The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 017700000001 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415.

EPSS

Процентиль: 4%
0.00018
Низкий

3.2 Low

CVSS3