Open westonphillips opened 1 year ago
Vulnerable Package issue exists @ Npm-got-8.3.2 in branch main
The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket.
Namespace: westonphillips Repository: CheckmarxOnePOV Repository Url: https://github.com/westonphillips/CheckmarxOnePOV CxAST-Project: westonphillips/CheckmarxOnePOV CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c Branch: main Application: CheckmarxOnePOV Severity: MEDIUM State: NOT_IGNORED Status: RECURRENT CWE: CWE-601
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: NONE Remediation Upgrade Recommendation: 11.8.5
References Advisory Release Note Pull request Commit
Vulnerable Package issue exists @ Npm-got-8.3.2 in branch main
The got package before 11.8.5, and 12.x before 12.1.0 for Node.js allows a redirect to a UNIX socket.
Namespace: westonphillips Repository: CheckmarxOnePOV Repository Url: https://github.com/westonphillips/CheckmarxOnePOV CxAST-Project: westonphillips/CheckmarxOnePOV CxAST platform scan: 6a8170d0-38fa-4efc-81df-42628474102c Branch: main Application: CheckmarxOnePOV Severity: MEDIUM State: NOT_IGNORED Status: RECURRENT CWE: CWE-601
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: NONE Remediation Upgrade Recommendation: 11.8.5
References Advisory Release Note Pull request Commit