Vulnerabilities

 1 via 1 paths

Dependencies

 59

Source

 GitHub

Commit

 b0aa9bbe

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Open Redirect

  • Vulnerable module: got
  • Introduced through: @newrelic/nr1-community@1.2.0

Detailed paths

  • Introduced through: nr1-kentik-network-monitoring@newrelic/nr1-kentik-network-monitoring#b0aa9bbebd35ad1aa837df62622373e65fcacd0d @newrelic/nr1-community@1.2.0 nice-color-palettes@3.0.0 got@9.6.0

Overview

Affected versions of this package are vulnerable to Open Redirect due to missing verification of requested URLs. It allowed a victim to be redirected to a UNIX socket.

Remediation

Upgrade got to version 11.8.5, 12.1.0 or higher.

References

Open Redirect vulnerability report