Get-Ip-Range Project: Security Vulnerabilities
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range (such as 128.0.0.0/1) that causes resource exhaustion.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-02-11