CVE-2023-42282 | NPM IP Package up to 1.1.8 isPublic information disclosure

Inserito da Angelo Barbosa | Feb 8, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in NPM IP Package up to 1.1.8. This issue affects the function isPublic. The manipulation leads to information disclosure.

The identification of this vulnerability is CVE-2023-42282. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2023-42282 | NPM IP Package up to 1.1.8 isPublic information disclosure

Post correlati

CVE-2024-44439 | Shanghai Zhouma Network Technology IMS Intelligent Manufacturing Collaborative Internet of Things System Privilege Escalation

CVE-2024-34447 | Bouncy Castle up to 1.77 certificate validation

CVE-2023-46919 | Simple HTTP Server/Simple HTTP Server PLUS 1.8 hard-coded key

CVE-2024-21510 | sinatra Header X-Forwarded-Host reliance on untrusted inputs in a security decision (SNYK-RUBY-SINATRA-6483832)