CVE-2021-27191
Published
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
2
PROJECTS
Description
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range (such as 128.0.0.0/1) that causes resource exhaustion.
Simple utility to convert either CIDR notation or two IP addresses to an array of the range of IP addresses
NPM
Simple utility to convert either CIDR notation or two IP addresses to an array of the range of IP addresses
GitHub