CVE-2022-33987

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-33987

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-33987.json

Aliases

• GHSA-pfrx-2q88-qq97

Related

• ALSA-2022:6448
• ALSA-2022:6595
• RLSA-2022:6448
• RLSA-2022:6449
• RLSA-2022:6595

Published

2022-06-18T21:15:07Z

Modified

2023-11-08T04:09:41.125694Z

Details

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.

References

• https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
• https://github.com/sindresorhus/got/pull/2047
• https://github.com/sindresorhus/got/releases/tag/v11.8.5