Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package netmask, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-28918 — CVSS 9.1 (critical): Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform…
CVE-2021-29418 — CVSS 5.3 (medium): The netmask package before 2.0.1 for Node.js mishandles certain unexpected characters in an IP address string, such as an octal digit of 9…