Severity: high

    netmask npm package vulnerable to octal input data

    netmask

    Overview

    netmask npm package is vulnerable to octal input data. This may lead to server-side request forgery, remote file inclusion, local file inclusion, and other vulnerabilities.

    Remediation

    Upgrade to version 2.0.1 or later.

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Mar 29th, 2021
    2. reported

      Reported by Anonymous
      Mar 29th, 2021