Security Advisory

CVE-2023-42282

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-08 00:00:00

Last updated 2025-05-15 19:42:13

Assigner mitre

State PUBLISHED

Description

The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.

← Browse all CVEs View on cve.org ↗