VYPR

npm package

ssrf-agent

pkg:npm/ssrf-agent

Vulnerabilities (1)

  • CVE-2021-23718MedNov 22, 2021
    affected < 1.0.5fixed 1.0.5

    The package ssrf-agent before 1.0.5 are vulnerable to Server-side Request Forgery (SSRF) via the defaultIpChecker function. It fails to properly validate if the IP requested is private.