6 matches found

Veracode
added 2025/07/28 6:12 a.m. | 2 views

Server-Side Request Forgery (SSRF)

private-ip is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability stems from insufficient input validation: multicast IP addresses (224.0.0.0/4) are not treated as private, allowing attackers to bypass protections and make unauthorized requests...

CVSS 8.8 | AI score 6.2 | EPSS 0.00309
Exploits: 0 | References: 3 | Affected Software: 1

RedhatCVE
added 2025/07/25 5:26 a.m. | 13 views

CVE-2025-8020

All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF), where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4), which is not included as part of the private IP ranges in the package's source code...

CVSS 8.8 | AI score 6.3 | EPSS 0.00309
Exploits: 0 | References: 1

Github Security Blog
added 2025/07/23 6:33 a.m. | 9 views

private-ip vulnerable to Server-Side Request Forgery

All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF), where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4), which is not included as part of the private IP ranges in the package's source code...

CVSS 8.8 | AI score 6.7 | EPSS 0.00309
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2025/07/23 5:0 a.m. | 11 views

CVE-2025-8020

All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF), where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4), which is not included as part of the private IP ranges in the package's source code...

CVSS 8.8 | EPSS 0.00309
Exploits: 0 | References: 2

CVE
added 2025/07/23 5:0 a.m. | 27 views

CVE-2025-8020

CVE-2025-8020 affects the private-ip package. All versions are reported vulnerable to Server-Side Request Forgery (SSRF) by accepting an IP/hostname that resolves to a multicast address (224.0.0.0/4), which is not excluded by the package’s private IP range checks. Multiple sources (RH, NVD, GitHu...

CVSS 8.8 | AI score 7.1 | EPSS 0.00309
Exploits: 0 | References: 2

CNNVD
added 2020/11/23 12:0 a.m. | 5 views

Frenchbread Private-ip Code Issue Vulnerability

Frenchbread Private-ip is a JS codebase, by the individual developer Frenchbread, for checking whether an IP is private. A security vulnerability exists in the Frenchbread Private-ip package prior to v1.0.5 that stems from insufficient regular expressions to adequately filter the reserved IP range, resulti...

CVSS 9.8 | AI score 7.7 | EPSS 0.02949
Exploits: 0 | References: 3