Closed huntr-helper closed 3 years ago
Hey, @vasco-santos, would you mind looking at this one? Any thoughts?
After a little investigation, I found out that additional regex for ipv4 you've added is not actually needed: firstly it's at some point "code duplication" since Netmask already does these checks, secondly it's unreachable. The issue itself has been solved by replacing is-ip module with ip-regex.
I'll update this PR & merge.
@Aravindha1234u (https://huntr.dev/users/Aravindha1234u) has fixed a potential Bypass private-ip filter which can lead to SSRF vulnerability in your repository 🔨. For more information, visit our website (https://huntr.dev/) or click the bounty URL below...
| Q | A |
| --- | --- |
| Version Affected | <=2.1.1 |
| Bug Fix | YES |
| Original Pull Request | https://github.com/418sec/private-ip/pull/1 |
If you are happy with this disclosure, we would love to get a CVE assigned to the vulnerability. Feel free to credit @Aravindha1234u, the discloser found in the bounty URL (below) and @huntr-helper.
User Comments:
📊 Metadata *
Bounty URL: https://huntr.dev/bounties/1-npm-private-ip
⚙️ Description *
💻 Technical Description *
Just fixed the subnet mask check and added one more validation step if it's false.
🐛 Proof of Concept (PoC) *
🔥 Proof of Fix (PoF) *
👍 User Acceptance Testing (UAT)
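
A fail-closed form of the kind of check this PR discusses (a subnet-mask match plus a validity step when the match is false), written as an added example; it is not the private-ip project's code or the submitted fix. The function names and the list of blocked ranges are assumptions made for the illustration.

```javascript
// Added example; not code from private-ip. All names here are hypothetical.
// Reserved IPv4 ranges chosen for this example: "this network", RFC 1918,
// carrier-grade NAT, loopback and link-local.
const BLOCKED_CIDRS = [
  '0.0.0.0/8', '10.0.0.0/8', '100.64.0.0/10', '127.0.0.0/8',
  '169.254.0.0/16', '172.16.0.0/12', '192.168.0.0/16',
];

// Parse canonical dotted-decimal only: four octets, 0-255, no leading zeros.
// Returns an unsigned 32-bit integer, or null for anything else.
function parseIPv4(text) {
  if (typeof text !== 'string') return null;
  const parts = text.split('.');
  if (parts.length !== 4) return null;
  let value = 0;
  for (const part of parts) {
    if (!/^(0|[1-9]\d{0,2})$/.test(part)) return null;
    const octet = Number(part);
    if (octet > 255) return null;
    value = value * 256 + octet;
  }
  return value;
}

// Subnet-mask check: compare the network bits of addr with the CIDR base.
function inCidr(addr, cidr) {
  const [base, bitsText] = cidr.split('/');
  const bits = Number(bitsText);
  const baseValue = parseIPv4(base);
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((addr & mask) >>> 0) === ((baseValue & mask) >>> 0);
}

// Fail closed: an input counts as public only if it parses as a canonical
// address AND falls outside every blocked range.
function isPrivateOrInvalid(text) {
  const addr = parseIPv4(text);
  if (addr === null) return true; // extra validation step: unparseable is never "public"
  return BLOCKED_CIDRS.some((cidr) => inCidr(addr, cidr));
}
```

A caller doing SSRF filtering would apply `isPrivateOrInvalid` to the address the hostname actually resolves to, not only to the string in the URL.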