CVE-2023-42282
CVE-2023-42282 affects the Node.js ip package (pre-1.1.9) and can enable SSRF because certain IPs (e.g., 0x7f.1) are misclassified as globally routable by isPublic. The impact is SSRF to internal or restricted resources; exploitation details are not provided beyond the SSRF risk. Remediation: upg...