Security: Update got package to fix UNIX socket redirect vulnerability (CVE-2022-33987)

## Description
The got package has a medium severity vulnerability (CVE-2022-33987) that could allow a redirect to a UNIX socket.

## Details
- This vulnerability affects the project through transitive dependencies
- Dependabot has flagged this as alert #3
- The vulnerability is present in got versions < 11.8.5
- Current dependency tree contains vulnerable versions (via package-json@4.0.1 → got@6.7.1)

## Proposed Solution
Add an override/resolution for got to ensure version 11.8.5 or higher is used throughout the dependency tree:



## References
- CVE-2022-33987
- GHSA-pfrx-2q88-qq97
- https://github.com/advisories/GHSA-pfrx-2q88-qq97


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security: Update got package to fix UNIX socket redirect vulnerability (CVE-2022-33987) #15

Description

Details

Proposed Solution

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Security: Update got package to fix UNIX socket redirect vulnerability (CVE-2022-33987) #15

Description

Description

Details

Proposed Solution

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions