VDB

CESS-2022-33987

CESS-2022-33987 PUBLISHED CVSS 5.3 MEDIUM

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Timeline

  • Jun 18, 2022 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›