Vulnerabilities (CVE)

Filtered by vendor Fedorindutny Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-42282 1 Fedorindutny 1 Ip 2024-11-21 N/A 9.8 CRITICAL
The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.