ip <=1.1.8
Severity: high
NPM IP package vulnerable to Server-Side Request Forgery (SSRF) attacks - https://github.com/advisories/GHSA-78xj-cgh5-2h22
fix available via `npm audit fix`
node_modules/urllib/node_modules/ip
urllib 2.27.0 - 3.0.0-alpha.1
Depends on vulnerable versions of ip
node_modules/urllib
2 high severity vulnerabilities
I have no control over the source code, so just want to ask in case this version is still maintained.
https://github.com/node-modules/urllib/releases/tag/2.41.0
node 20.11.0 npm 10.2.4