Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
不正确的行为次序:规范化之前验证
Vulnerability Title
IP Util Functions Library 安全漏洞
Vulnerability Description
IP Util Functions Library是Sean Nelson个人开发者的一个收集与知识产权相关的实用程序。 IP Util Functions Library 2.4.0及之前版本存在安全漏洞,该漏洞源于某些IP地址被错误分类为全局可路由,可能导致SSRF攻击。
CVSS Information
N/A
Vulnerability Type
N/A