| Release | Version |
|---|---|
| buster | 1.1.5-3 |
| bullseye | 1.1.5-5 |
| bookworm | 2.0.0+~1.1.0-1 |
| trixie | 2.0.1+~1.1.3-1 |
| sid | 2.0.1+~1.1.3-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-29415 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | The ip package through 2.0.1 for Node.js might allow SSRF because some ... |
| CVE-2023-42282 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | The ip package before 1.1.9 for Node.js might allow SSRF because some ... |