Vulnerabilities	1 via 1 paths
Dependencies	52
Source	GitHub
Commit	29a30b4e

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications

Severity

Critical
High
Medium
1
Low

Status

Open
1
Patched
0
Ignored
0

medium severity

Open Redirect

Vulnerable module: got
Introduced through: @newrelic/nr1-community@1.2.0

Detailed paths

Introduced through: nr1-metrics-aggregator@newrelic/nr1-metrics-aggregator#29a30b4eae502b2d2c51e8603e892b3914e1f1b4 › @newrelic/nr1-community@1.2.0 › nice-color-palettes@3.0.0 › got@9.6.0

Overview

Affected versions of this package are vulnerable to Open Redirect due to missing verification of requested URLs. It allowed a victim to be redirected to a UNIX socket.

Remediation

Upgrade got to version 11.8.5, 12.1.0 or higher.

References

GitHub Diff
GitHub PR

Open Redirect vulnerability report

Vulnerabilities

Dependencies

Source