/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2022-33987

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-33987

CGA ID

CGA-46c3-2vh3-vf2w

Severity

5.3

Medium

CVSS V3

Description

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.

References

  • https://images.chainguard.dev/security/CGA-46c3-2vh3-vf2w
  • https://github.com/advisories/GHSA-pfrx-2q88-qq97
  • https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0
  • https://github.com/sindresorhus/got/pull/2047
  • https://github.com/sindresorhus/got/releases/tag/v11.8.5
  • https://security-tracker.debian.org/tracker/CVE-2022-33987

Affected packages

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation