View all vulnerabilities

CVE-2022-33987

Got allows a redirect to a UNIX socket

Description

The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading
Vulnerability Details
Score
5.3
Score Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Versions
got >= 12.0.0 < 12.1.0; got < 11.8.5
Severity
Medium
Medium
Medium
Ecosystem
JavaScript
Publish Date
June 18, 2022
Modified Date
November 7, 2023