First published: Sat Jun 18 2022(Updated: )
A flaw was found in the `got` package for node.js. Requested URLs are not verified and allow open redirection to a local UNIX socket.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nodejs-nodemon | <0:2.0.19-1.el9_0 | 0:2.0.19-1.el9_0 |
redhat/rh-nodejs14-nodejs-nodemon | <0:2.0.19-1.el7 | 0:2.0.19-1.el7 |
Got Project Got | <11.8.5 | |
redhat/got | <11.8.5 | 11.8.5 |
redhat/got | <12.1.0 | 12.1.0 |
<=2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)