CVE-2022-32212

Posted on 2022년 7월 15일2022년 7월 15일 by admin

CVE-2022-32212

A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.

Source: CVE-2022-32212

답글 남기기 응답 취소