exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-29415

больше 1 года назад

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

CVSS3: 8.1

EPSS: Высокий

CVE-2024-29415

почти 2 года назад

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

CVSS3: 9.8

EPSS: Высокий

CVE-2024-29415

больше 1 года назад

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

CVSS3: 8.1

EPSS: Высокий

CVE-2024-29415

больше 1 года назад

The ip package through 2.0.1 for Node.js might allow SSRF because some ...

CVSS3: 8.1

EPSS: Высокий

GHSA-2p57-rm9w-gvfp

больше 1 года назад

ip SSRF improper categorization in isPublic

CVSS3: 8.1

EPSS: Высокий

BDU:2024-04518

почти 2 года назад

Уязвимость функции isPublic() утилиты node-ip программной платформы Node.js, позволяющая нарушителю реализовать SSRF-атаку

CVSS3: 9.8

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-29415 The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.	CVSS3: 8.1	87% Высокий	больше 1 года назад
CVE-2024-29415 The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.	CVSS3: 9.8	87% Высокий	почти 2 года назад
CVE-2024-29415 The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.	CVSS3: 8.1	87% Высокий	больше 1 года назад
CVE-2024-29415 The ip package through 2.0.1 for Node.js might allow SSRF because some ...	CVSS3: 8.1	87% Высокий	больше 1 года назад
GHSA-2p57-rm9w-gvfp ip SSRF improper categorization in isPublic	CVSS3: 8.1	87% Высокий	больше 1 года назад
BDU:2024-04518 Уязвимость функции isPublic() утилиты node-ip программной платформы Node.js, позволяющая нарушителю реализовать SSRF-атаку	CVSS3: 9.8	87% Высокий	почти 2 года назад

Уязвимостей на страницу