Fail2Ban-Dashboard---NPM

mykey/Fail2Ban-Dashboard---NPM

Fork 0

Commit Graph

Author	SHA1	Message	Date
gitea	20c6f5ead7	fix: replace vulnerable ip package with ipaddr.js + node built-ins ip had a high severity SSRF vuln (GHSA-2p57-rm9w-gvfp) with no upstream fix. Replace with: - net.isIPv4/isIPv6 (Node built-in) for format validation - ipaddr.js for CIDR subnet matching Add package-lock.json for reproducible builds (required for npm ci). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-02-20 15:45:04 +00:00

Author

SHA1

Message

Date

gitea

20c6f5ead7

fix: replace vulnerable ip package with ipaddr.js + node built-ins

ip had a high severity SSRF vuln (GHSA-2p57-rm9w-gvfp) with no upstream fix.
Replace with:
- net.isIPv4/isIPv6 (Node built-in) for format validation
- ipaddr.js for CIDR subnet matching

Add package-lock.json for reproducible builds (required for npm ci).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-02-20 15:45:04 +00:00

1 Commits