Количество 2
Количество 2
CVE-2025-8020
All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4) which is not included as part of the private IP ranges in the package's source code.
GHSA-9h3q-32c7-r533
private-ip vulnerable to Server-Side Request Forgery
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-8020 All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4) which is not included as part of the private IP ranges in the package's source code. | CVSS3: 8.2 | 0% Низкий | около 2 месяцев назад |
| GHSA-9h3q-32c7-r533 private-ip vulnerable to Server-Side Request Forgery | CVSS3: 8.2 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу