CVE-2021-27191

Published: Feb 11, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range (such as 128.0.0.0/1) that causes resource exhaustion.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/JoeScho/get-ip-range/commit/98ca22b815c77273cbab259811ab0976118e13b6

x_refsource_MISC

https://www.npmjs.com/package/get-ip-range

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210319-0002/

x_refsource_CONFIRM

https://advisory.checkmarx.net/advisory/CX-2021-4304

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-27191

Description

Affected Products

References