3 matches found
CVE-2022-25876 Server-side Request Forgery (SSRF)
The package link-preview-js before 2.1.16 are vulnerable to Server-side Request Forgery SSRF which allows attackers to send arbitrary requests to the local network and read the response. This is due to flawed DNS rebinding protection...
CVE-2022-25876
CVE-2022-25876 affects the npm package link-preview-js prior to version 2.1.16. The vulnerability is Server-side Request Forgery (SSRF) caused by flawed DNS rebinding protection, allowing an attacker to make arbitrary requests from the vulnerable host to the local network and read responses. Affe...
react-native-url-preview (=1.1.9), react-native-url-preview-tgp (=1.1.9) +1 more potentially affected by CVE-2022-25876 via link-preview-js (>=2.0.4 <=2.1.13)
link-preview-js NPM version =2.0.4, =2.1.4, =2.2.0 Source cves: CVE-2022-25876 Source advisory: SNYK:JS-LINKPREVIEWJS-2933520...