[
{
"description": "validation of ipv4 strings",
"schema": {
"format": "ipv4"
},
"tests": [
{
"description": "leading zeroes should be rejected, as they are treated as octal values",
"comment": "see https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/",
"data": "087.10.0.1",
"valid": false
},
{
"description": "leading zeroes should be rejected, even if not a valid octal value",
"data": "099.10.0.1",
"valid": false
},
{
"description": "value without leading zero is valid",
"data": "87.10.0.1",
"valid": true
},
{
"description": "non-ascii digits should be rejected",
"data": "1২7.0.0.1",
"valid": false
}
]
}
]