Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| HackingRepo | dssrf-js | affected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Hackingrepo | Dssrf-js | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Github GHSA |
GHSA-8p33-q827-ghj5 | dssrf: every IPv6 category bypasses is_url_safe |
Wed, 13 May 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Hackingrepo
Hackingrepo dssrf-js |
|
| Vendors & Products |
Hackingrepo
Hackingrepo dssrf-js |
Tue, 12 May 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | DSSRF is a Node.js library that provides a wide range of utilities and advanced SSRF defense checks. Prior to 1.3.0, every IPv6 category bypasses is_url_safe. This vulnerability is fixed in 1.3.0. | |
| Title | dssrf: every IPv6 category bypasses is_url_safe | |
| Weaknesses | CWE-791 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-05-12T20:28:56.918Z
Reserved: 2026-05-05T15:42:40.518Z
Link: CVE-2026-44232
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2026-05-12T21:16:16.270
Modified: 2026-05-13T18:21:10.270
Link: CVE-2026-44232
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-05-13T10:35:45Z