First published: Thu Feb 08 2024(Updated: )
An issue in NPM IP Package v.1.1.8 and before allows an attacker to execute arbitrary code and obtain sensitive information via the isPublic() function. <a href="https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html">https://cosmosofcyberspace.github.io/npm_ip_cve/npm_ip_cve.html</a> <a href="https://github.com/indutny/node-ip">https://github.com/indutny/node-ip</a>
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/node-ip | <=1.1.5-3<=1.1.5-5<=2.0.0+~1.1.0-1 | |
ubuntu/node-ip | <1.1.5-1ubuntu0.1~ | 1.1.5-1ubuntu0.1~ |
ubuntu/node-ip | <1.1.5-5ubuntu0.1~ | 1.1.5-5ubuntu0.1~ |
ubuntu/node-ip | <1.1.5+~1.1.0-1ubuntu0.1~ | 1.1.5+~1.1.0-1ubuntu0.1~ |
ubuntu/node-ip | <2.0.0+~1.1.0-1ubuntu0.1 | 2.0.0+~1.1.0-1ubuntu0.1 |
ubuntu/node-ip | <1.1.9<2.0.1 | 1.1.9 2.0.1 |
npm/ip | <1.1.9 | 1.1.9 |
npm/ip | =2.0.0 | 2.0.1 |
Fedorindutny Ip | <=1.1.8 | |
Fedorindutny Ip | =2.0.0 | |
Fedorindutny Ip | <1.1.9 | |
redhat/nodejs-ip | <1.1.9 | 1.1.9 |
redhat/nodejs-ip | <2.0.1 | 2.0.1 |
IBM Cognos Analytics | <=12.0.0-12.0.3 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.