CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fedorindutny: >> Ip >> 0.2.0 Security Vulnerabilities

CVE-2023-42282

The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.

CVSS Score

9.8

EPSS Score

0.004

Published

2024-02-08

Page 1

Vulnerabilities

Vulnerable Software

Fedorindutny: >> Ip >> 0.2.0 Security Vulnerabilities

Products

Pricing

Contact Us