EPSS
Percentile
83.2%
private-ip is vulnerable to server-side request forgery (SSRF). An application using the library allows an attacker to bypass the insecure regular expressions used to validate IP addresses, and perform requests on behalf of the server.
github.com/frenchbread/private-ip
github.com/frenchbread/private-ip/blob/1.0.5/src/index.js#L1-L11
www.npmjs.com/package/private-ip