CVE-2025-8020

Vulnerability Description

All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4) which is not included as part of the private IP ranges in the package's source code.

Vulnerability Details

Published Date

July 23, 2025

Last Modified

July 25, 2025

Source

NVD

CVE-2025-8020

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment