Homepage

ec2-metadata@1.0.0 vulnerabilities

An easy interface to query the EC2 metadata API, with caching.

  • latest version

    2.14.0

  • latest non vulnerable version

    2.14.0

  • first published

    7 years ago

  • latest version published

    4 months ago

  • licenses detected

    • ISC
      [1.0.0,2.3.0)
  • View ec2-metadata package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the ec2-metadata package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Server-side request forgery (SSRF)

    ec2-metadata is an interface to query the EC2 metadata API (version 2), with caching.

    Affected versions of this package are vulnerable to Server-side request forgery (SSRF) due to using an insecure instance of Metadata Service.

    How to fix Server-side request forgery (SSRF)?

    Upgrade ec2-metadata to version 2.2.0 or higher.

    [,2.2.0)
    Go back to all versions of this package