High severityNVD Advisory· Published Feb 11, 2021· Updated Aug 3, 2024
CVE-2021-27191
CVE-2021-27191
Description
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range (such as 128.0.0.0/1) that causes resource exhaustion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
get-ip-rangenpm | < 4.0.0 | 4.0.0 |
Affected products
2- Node.js/get-ip-rangedescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-6q4w-3wp4-q5wfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-27191ghsaADVISORY
- advisory.checkmarx.net/advisory/CX-2021-4304ghsax_refsource_MISCWEB
- github.com/JoeScho/get-ip-range/commit/98ca22b815c77273cbab259811ab0976118e13b6ghsax_refsource_MISCWEB
- security.netapp.com/advisory/ntap-20210319-0002ghsaWEB
- security.netapp.com/advisory/ntap-20210319-0002/mitrex_refsource_CONFIRM
- www.npmjs.com/package/get-ip-rangeghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.