netmask@1.0.6 vulnerabilities
Parse and lookup IP network blocks
-
latest version
2.0.2
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
4 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the netmask package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
netmask is a library to parse IPv4 CIDR blocks. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). It incorrectly evaluates individual IPv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects that rely on For example, a remote unauthenticated attacker can request local resources using input data NOTE: This vulnerability has also been identified as: CVE-2021-29418 How to fix Server-side Request Forgery (SSRF)? Upgrade |
<2.0.1
|
netmask is a library to parse IPv4 CIDR blocks. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). It incorrectly evaluates individual IPv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects that rely on For example, a remote unauthenticated attacker can request local resources using input data NOTE: This vulnerability has also been identified as: CVE-2021-28918 How to fix Server-side Request Forgery (SSRF)? Upgrade |
<2.0.1
|