CVE-2024-28607 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a…
Low CVSS: 2.9

CVE-2024-28607

The ip-utils package through 2.4.0 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via a falsy isPrivate return value.
Vendor
-
Product
-
CWE
CWE-180
Yayın Tarihi
2025-03-11 09:15:23
Güncelleme
2025-03-11 09:15:23
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-180 LOW 2025

Referanslar

https://gist.github.com/aydinnyunus/4d71e7d9a433f3afc658724b903f4d23 https://github.com/librasean/IP-Utils/blob/4f88799f94f21efe6ea9135129ab2bbeb0c58edc/src/IsPrivate.ts#L4