CVE-2020-28360

EPSS 2.41% · P85 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-28360

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN reserved IP ranges, resulting in an indeterminable number of critical attack vectors, allowing remote attackers to request server-side resources or potentially execute arbitrary code through various SSRF techniques.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Frenchbread Private-ip 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Frenchbread Private-ip是Frenchbread个人开发者的一个用于检查Ip是否为私有的Js代码库。 Frenchbread Private-ip package v1.0.5之前版本存在安全漏洞，该漏洞源于正则表达式不足，无法充分过滤保留的IP范围，导致SSRF不确定。攻击者可利用该漏洞可以对ARIN保留的IP范围执行大量请求，导致无法确定关键攻击向量的数量，从而允许远程攻击者可利用该漏洞通过各种SSRF技术请求服务器端资源或潜在地执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-28360

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-28360

请登录查看更多情报信息。

https://www.npmjs.com/package/private-ipx_refsource_MISC
https://github.com/frenchbread/private-ipx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-28360

Same Patch Batch · n/a · 2020-11-23 · 32 CVEs total

CVE-2020-7777	7.2 HIGH	Arbitrary Code Execution
CVE-2020-28864		Winscp 缓冲区错误漏洞
CVE-2020-0569		Intel PROSet/Wireless WiFi Software 缓冲区错误漏洞
CVE-2020-28053		Hashicorp HashiCorp Consul 安全漏洞
CVE-2020-27985		Security Onion Solutions Security Onion 安全漏洞
CVE-2020-28421		Broadcom CA Unified Infrastructure Management 安全漏洞
CVE-2019-14553		EDK2 授权问题漏洞
CVE-2019-14559		EDK2 资源管理错误漏洞
CVE-2019-14562		EDK2 输入验证错误漏洞
CVE-2019-14563		EDK2 输入验证错误漏洞
CVE-2019-14575		EDK2 安全漏洞
CVE-2019-14586		EDK2 资源管理错误漏洞
CVE-2019-14587		EDK2 安全漏洞
CVE-2020-12351		Linux kernel 输入验证错误漏洞
CVE-2020-12352		Linux kernel 信息泄露漏洞
CVE-2020-6939		Tableau Software Server 授权问题漏洞
CVE-2020-28984		SPIP 安全漏洞
CVE-2020-28896		Mutt和NeoMutt 安全漏洞
CVE-2020-28927		Magicpin 跨站脚本漏洞
CVE-2020-15436		Linux kernel 资源管理错误漏洞

Showing top 20 of 32 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-28360

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-28360

I. Basic Information for CVE-2020-28360

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-28360

III. Intelligence Information for CVE-2020-28360

Same Patch Batch · n/a · 2020-11-23 · 32 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-28360

Leave a comment