cve/CVE-2024-29415.md at 93476d6c370e261fdc1b2b03a08066de45e4892d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 1fb02038e8 Update CVE sources 2025-09-29 16:08

2025-09-29 16:08:36 +00:00

Description

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282.

POC

Reference

https://github.com/indutny/node-ip/issues/150

Github

https://github.com/Dgporte/ExerciciosDockerPB2025
https://github.com/Sharpforce/cybersecurity
https://github.com/felipecruz91/node-ip-vex
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/lucasarasa/exec-docker-abr-2025
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/tanjiti/sec_profile
https://github.com/webpod/ip

1.1 KiB Raw Blame History

CVE-2024-29415

Description

POC

Reference

Github

1.1 KiB

Raw Blame History