The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
References
Link | Resource |
---|---|
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 | Patch Third Party Advisory |
https://github.com/sindresorhus/got/pull/2047 | Patch Third Party Advisory |
https://github.com/sindresorhus/got/releases/tag/v11.8.5 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-06-18T20:51:12
Updated: 2022-06-22T13:05:16
Reserved: 2022-06-18T00:00:00
Link: CVE-2022-33987
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-18T21:15:07.933
Modified: 2022-06-28T16:15:31.270
Link: CVE-2022-33987
JSON object: View
Redhat Information
No data.
CWE