{"id":"CVE-2022-33987","details":"The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.","aliases":["GHSA-pfrx-2q88-qq97"],"modified":"2026-05-15T11:54:10.611888044Z","published":"2022-06-18T20:51:12Z","related":["ALSA-2022:6448","ALSA-2022:6595","CGA-pjr6-2vw9-r72g"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/33xxx/CVE-2022-33987.json","cna_assigner":"mitre"},"references":[{"type":"WEB","url":"https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0"},{"type":"WEB","url":"https://github.com/sindresorhus/got/releases/tag/v11.8.5"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/33xxx/CVE-2022-33987.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33987"},{"type":"FIX","url":"https://github.com/sindresorhus/got/pull/2047"}],"schema_version":"1.7.5"}