The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. https://github.com/sindresorhus/got/pull/2047 https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 https://github.com/sindresorhus/got/releases/tag/v11.8.5
Created dotnet6.0 tracking bugs for this issue: Affects: fedora-all [bug 2102911] Created golang-ariga-atlas tracking bugs for this issue: Affects: fedora-all [bug 2102912] Created golang-entgo-ent tracking bugs for this issue: Affects: fedora-all [bug 2102913] Created grafana tracking bugs for this issue: Affects: fedora-all [bug 2102914] Created mozjs68 tracking bugs for this issue: Affects: fedora-all [bug 2102915] Created mozjs78 tracking bugs for this issue: Affects: fedora-all [bug 2102916] Created nodejs-nodemon tracking bugs for this issue: Affects: fedora-all [bug 2102917] Created nodejs:12/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2102918] Created nodejs:13/nodejs tracking bugs for this issue: Affects: epel-all [bug 2102908] Created nodejs:14/nodejs tracking bugs for this issue: Affects: fedora-all [bug 2102919] Created npm-name-cli tracking bugs for this issue: Affects: fedora-all [bug 2102920] Created seamonkey tracking bugs for this issue: Affects: epel-all [bug 2102909] Affects: fedora-all [bug 2102921] Created syncthing tracking bugs for this issue: Affects: epel-all [bug 2102910] Created vagrant tracking bugs for this issue: Affects: fedora-all [bug 2102922] Created yarnpkg tracking bugs for this issue: Affects: fedora-all [bug 2102923] Created zuul tracking bugs for this issue: Affects: fedora-all [bug 2102924]
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Via RHSA-2022:6389 https://access.redhat.com/errata/RHSA-2022:6389
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6448 https://access.redhat.com/errata/RHSA-2022:6448
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:6449 https://access.redhat.com/errata/RHSA-2022:6449
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2022:6595 https://access.redhat.com/errata/RHSA-2022:6595
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:6985 https://access.redhat.com/errata/RHSA-2022:6985
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-33987