Lucene search

6 matches found

IBM Security Bulletins
added 2025/11/28 7:3 p.m., 5 views

Security Bulletin: Astronomer with IBM is vulnerable to server-side request forgery due to the node-ip package (CVE-2025-59436, CVE-2025-59437)

Summary: Node-ip is used by Astronomer with IBM as part of IP address processing functionality. Vulnerability Details: CVEID: CVE-2025-59436. DESCRIPTION: The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 017700000001 is improperly categorized as globally...

CVSS: 3.2, AI score: 6.6, EPSS: 0.00115
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2025/09/17 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-59437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOT...

CVSS: 8.1, AI score: 6.9, EPSS: 0.08279
Exploits: 0, References: 3
NVD
added 2025/09/16 6:16 a.m., 3 views

CVE-2025-59437

The ip aka node-ip package through 2.0.1 in NPM might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection...

CVSS: 3.2, EPSS: 0.00115
Exploits: 0, References: 2
Circl
added 2025/09/16 5:2 a.m., 4 views

CVE-2025-59437

creationtimestamp | type | source
---|---|---
2025-09-16 05:02:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lywk5kpazs2x...

CVSS: 3.2, AI score: 5.8, EPSS: 0.00115
Exploits: 0, References: 1
vulnersOsv
added 2025/09/16 2:44 a.m., 16 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 007-nodejs (>=2.5.0 <=2.5.3) +46037 more potentially affected by CVE-2024-29415 +1 more via ip (>=0.0.1 <=2.0.1)

ip NPM version =0.0.1, =1.0.1, =2.5.0, =2.5.3 - 0726react =0.1.1 - 0me.sh =0.1.15 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...

CVSS: 8.1, AI score: 6.8, EPSS: 0.08279
Exploits: 0
CVE
added 2025/09/16 12:0 a.m., 22 views

CVE-2025-59437

Technical details about CVE-2025-59437 are not provided in the connected documents; no affected products, impact, or fixes are listed here. Monitor for updates.

CVSS: 3.2, AI score: 6.4, EPSS: 0.00115
Exploits: 0, References: 2