Vulnerability Database
Blog
FAQ
Docs
CVE-2022-33987
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-33987
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-33987.json
Aliases
GHSA-pfrx-2q88-qq97
Related
ALSA-2022:6448
ALSA-2022:6595
RLSA-2022:6448
RLSA-2022:6449
RLSA-2022:6595
Published
2022-06-18T21:15:07Z
Modified
2023-11-08T04:09:41.125694Z
Details
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
References
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
https://github.com/sindresorhus/got/pull/2047
https://github.com/sindresorhus/got/releases/tag/v11.8.5
Affected packages
Git
/
github.com/sindresorhus/got
Affected ranges
Type
GIT
Repo
https://github.com/sindresorhus/got
Events
Introduced
0
The exact introduced commit is unknown
Fixed
5e17bb748c260b02e4cf716c2f4079a1c6a7481e
CVE-2022-33987 - OSV