Attack Complexity High
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-UPSTREAM-NODE-2946423
- published 10 Jul 2022
- disclosed 8 Jul 2022
- credit Axel Chon
Introduced: 8 Jul 2022CVE-2022-32212 Open this link in a new tab
CWE-350 Open this link in a new tab
How to fix?
node to version 14.20.0, 16.16.0, 18.5.0 or higher.
Affected versions of this package are vulnerable to DNS Rebinding by bypassing
IsIPAddress does not properly check if an
IP address is invalid or not.
This vulnerability is a bypass of CVE-2021-22884.