Fluid Attacks Database

Description

Got allows a redirect to a UNIX socket The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	node-got	>=0 <11.8.3+~cs58.7.37-3	11.8.3+~cs58.7.37-3
debian 12	node-got	>=0 <11.8.3+~cs58.7.37-3	11.8.3+~cs58.7.37-3
npm	got	>=12.0.0 <12.1.0 \|\| >=0 <11.8.5	12.1.0, 11.8.5
debian 11	node-got	=11.8.1+~cs53.13.17-3 \|\| >=0 <11.8.1+~cs53.13.17-3+deb11u1	11.8.1+~cs53.13.17-3+deb11u1
debian 13	node-got	>=0 <11.8.3+~cs58.7.37-3	11.8.3+~cs58.7.37-3
rpm rhel9	gjs	-	-
rpm rhel9	dotnet6.0	-	-
rpm rhel6	firefox	-	-
rpm rhel7	firefox	-	-
rpm rhel9	grafana	-	-

1-10 of 15

Aliases

References

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.