Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
npm
@gasbuddy/service
11.4.2
@gasbuddy/service 11.4.2
Published
Oct 5, 2022
•
Policy
compliance
npm Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
255
Versions
255
Vulnerabilities
53
Vulnerabilities
53
Dependencies
15
Dependencies
15
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(0)
Low
(1)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
2.1
CVE-2025-59437
The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value 0 is improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2024-29415. NOTE: in current versions of several applications, connection attempts to the IP address 0 (interpreted as 0.0.0.0) are blocked with error messages such as net::ERR_ADDRESS_INVALID. However, in some situations that depend on both application version and operating system, connection attempts to 0 and 0.0.0.0 are considered connection attempts to 127.0.0.1 (and, for this reason, a false value of isPublic would be preferable).
affected
Severity
Low
Published
Sep 17, 2025
