
14 matches found

Packet Storm
added 2025/12/10 12:0 a.m., 143 views

📄 is-localhost-ip 2.0.0 Restriction Bypass

is-localhost-ip version 2.0.0 suffers from a restriction bypass vulnerability. Title: is-localhost-ip 2.0.0 Restriction Bypass. Author: indoushka ...

6.9 CVSS, 7 AI score, 0.00065 EPSS
Exploits: 2
EUVD
added 2025/12/04 12:0 a.m., 2 views

EUVD-2025-201178

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user wit...

6.2 AI score, 0.00019 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2025-30453

Malicious code in bioql PyPI...

6.9 CVSS, 6.5 AI score, 0.00065 EPSS
Exploits: 2, References: 3
vulnersOsv
added 2025/09/22 7:42 p.m., 2 views

@andrewzagorski/admin (>=4.25.19-patch.1 <=4.25.19-patch.3), @applitools/autonomous-lib (>=1.3.4 <=4.0.251-beta.0) +147 more potentially affected by CVE-2025-9960 via is-localhost-ip (>=1.4.0 <=3.0.1)

is-localhost-ip NPM version =1.4.0, =4.25.19-patch.1, =1.3.4, =2.3.7, =1.0.0, =1.2.11, =0.5.1, =1.0.6, =1.0.0, =1.13.7, =1.0.0, =3.30.0, =4.22.1, =1.14.0, =1.14.1, =1.14.1, =1.31.7 and more Source cves: CVE-2025-9960 Source advisory: SNYK:JS-ISLOCALHOSTIP-13004668...

6.9 CVSS, 5.8 AI score, 0.00065 EPSS
Exploits: 2
NVD
added 2025/09/22 7:16 p.m., 1 views

CVE-2025-9960

A restriction bypass vulnerability in is-localhost-ip could allow attackers to perform Server-Side Request Forgery (SSRF). This issue affects is-localhost-ip: 2.0.0...

6.9 CVSS, 0.00065 EPSS
Exploits: 2, References: 2
Cvelist
added 2025/09/22 6:35 p.m., 6 views

CVE-2025-9960 is-localhost-ip 2.0.0 - SSRF via Restrictions bypass

A restriction bypass vulnerability in is-localhost-ip could allow attackers to perform Server-Side Request Forgery (SSRF). This issue affects is-localhost-ip: 2.0.0...

6.9 CVSS, 0.00065 EPSS
Exploits: 2, References: 2
CVE
added 2025/09/22 6:35 p.m., 7 views

CVE-2025-9960

CVE-2025-9960 affects is-localhost-ip 2.0.0 and is a restriction bypass that enables SSRF. Public sources describe that is-localhost-ip can misclassify addresses, allowing localhost checks to be bypassed (e.g., IPv6-mapped IPv4 forms such as ::ffff:127.0.0.1) to access internal resources. Several...

6.9 CVSS, 6.6 AI score, 0.00065 EPSS
Exploits: 2, References: 2
Positive Technologies
added 2025/09/22 12:0 a.m., 1 views

PT-2025-39063

Name of the Vulnerable Software and Affected Versions: is-localhost-ip version 2.0.0. Description: A restriction bypass issue in is-localhost-ip may allow attackers to perform Server-Side Request Forgery (SSRF). SSRF occurs when a server is tricked into making requests to unintended locations,...

6.9 CVSS, 6.4 AI score, 0.00065 EPSS
Exploits: 2, References: 6
CNNVD
added 2025/09/22 12:0 a.m., 1 views

is-localhost-ip Code Issue Vulnerability

is-localhost-ip is a tool by the individual developer Konstantin Vyatkin to check if a given host/DNS name or IPv4/IPv6 address belongs to the local computer. A code issue vulnerability exists in is-localhost-ip version 2.0.0, which stems from a restriction bypass that could lead to a server-side...

6.9 CVSS, 6.6 AI score, 0.00065 EPSS
Exploits: 2, References: 3
Tenable Nessus
added 2025/08/24 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2006-2229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the...

4 CVSS, 7.5 AI score, 0.00911 EPSS
Exploits: 0, References: 2
GithubExploit
added 2022/05/16 9:15 a.m., 181 views

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 CVE-2022-30525 POC exploit Usage shell u...

10 CVSS, 9.2 AI score, 0.94445 EPSS
Exploits: 25
Citrix
added 2022/03/27 12:0 a.m., 7 views

Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

Citrix-ADM 13.0 76.29 is noted to be using localhost IP to send Syslog traffic instead of ADM IP to external Syslog server. As a result, Citrix ADM is not able to send the Syslog traffic to Splunk server successfully as seen below. A tcpdump on Citrix ADM also shows traffic is generated and sent...

7 AI score
Exploits: 0
OpenVAS
added 2018/06/27 12:0 a.m., 56 views

Microsoft Windows 10: Localhost IP address for WebRTC (Edge)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winedgelocalhostipwebrtc.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Prevent using Localhost IP address for WebRTC Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.ne...

7.3 AI score
Exploits: 0
NVD
added 2002/12/31 5:0 a.m., 10 views

CVE-2002-2170

Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request...

7.5 CVSS, 7.5 AI score, 0.11665 EPSS
Exploits: 1, References: 3