7 matches found
@ajesus37/node-portcheck (=1.0.0), @hzabala/tplinkcloud-api-client (=1.0.0) +57 more potentially affected by CVE-2021-27191 via get-ip-range (=2.1.1)
get-ip-range NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on get-ip-range and may be impacted: - @ajesus37/node-portcheck =1.0.0 - @hzabala/tplinkcloud-api-client =1.0.0 - @julusian/tp-link-tapo-connect =2.1.0-0 -...
GHSA-6Q4W-3WP4-Q5WF Denial of Service in get-ip-range
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion. Update get-ip-range dependency to 4.0.0 or above...
CVE-2021-27191
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...
CVE-2021-27191
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...
Privilege escalation
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...
CVE-2021-27191
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service DoS if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...
CVE-2021-27191
The CVE-2021-27191 issue affects the get-ip-range package for Node.js prior to 4.0.0. It allows denial of service when parsing large/untrusted IP ranges (for example 128.0.0.0/1), leading to resource exhaustion. Remediation is to upgrade to version 4.0.0 or newer. This vulnerability is corroborat...