What is CVE-2022-33987?

A medium-severity vulnerability has been identified in the got package for Node.js, allowing an unauthorized redirect to a UNIX socket. Immediate attention is required to mitigate potential risks.

What is the severity of CVE-2022-33987?

CVE-2022-33987 has a severity rating of MEDIUM with a CVSS base score of 5.3.

CVE-2022-33987 | Medium Vulnerability in got

The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. This vulnerability, classified as medium severity with a CVSS score of 5.3, poses a risk to organizations utilizing this package. The vulnerability is exploitable over the network with low complexity, requiring no privileges or user interaction.

Risk to organizations includes potential unauthorized access to UNIX socket, which could lead to data integrity issues. While there are no known exploits in the wild, organizations should prioritize patching to mitigate any risks associated with this vulnerability.

Organizations should address this vulnerability in their priority patch cycle to ensure their applications remain secure.

The vulnerability was published on June 18, 2022, and it has been modified since. Continuous monitoring and timely remediation are essential for maintaining security.

Vulnerability Details

The got package before version 12.1.0 is vulnerable, allowing unintended redirects to UNIX sockets. The official CVSS score is 5.3, classified as medium severity. The impact includes low integrity and no confidentiality or availability impact. The vulnerability type is categorized under the NVD, with no specific CWE classification available.

Technical Analysis

The root cause of this vulnerability is the lack of validation for redirect targets, which allows attackers to redirect to unauthorized UNIX sockets. This flaw can be exploited over the network, with a low attack complexity. No privileges are required, and user interaction is not needed. The confidentiality impact is none, while the integrity impact is low, and availability is not affected.

Risk & Impact Analysis

Real-world deployment risk includes potential unauthorized access leading to data integrity issues, which is critical for organizations relying on the got package. The blast radius for this vulnerability can be significant, especially in environments where sensitive data is handled. Organizations must assess the urgency of addressing this vulnerability, given its CVSS score of 5.3, indicating a medium level of risk.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of the got package prior to 12.1.0 and including 11.8.5 are vulnerable. Organizations should ensure they are running the patched versions to mitigate this risk.

Mitigation & Remediation

Organizations should upgrade to the latest version of the got package to remediate this vulnerability. The fixed version is 12.1.0 or later. If an immediate patch is not possible, consider implementing network controls to restrict access to potentially vulnerable components. Additionally, organizations may want to conduct regular penetration testing to identify and mitigate similar vulnerabilities in their systems.

Regular monitoring for updates and vulnerabilities in dependencies is crucial for maintaining security.

Detection Guidance

Organizations should monitor logs for any unusual access patterns to UNIX sockets. Behavioral anomalies such as unexpected redirects should be flagged. Implementing network signatures that can detect unauthorized access attempts to these sockets can also help in early detection.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability lies in the potential for similar flaws to arise in other packages. Security teams should recognize the importance of proactive vulnerability management and continuous monitoring of third-party dependencies. The trend towards increased scrutiny of package security highlights the need for robust security practices.

Organizations can benefit from improving their security posture by adopting a comprehensive penetration testing methodology that regularly assesses the security of their applications.

In conclusion, staying ahead of vulnerabilities like CVE-2022-33987 is crucial for organizations to protect their assets and maintain trust.

For further security insights, consider exploring the AppSecure resources on vulnerability management programs and continuous security improvements.

Organizations should take this opportunity to reassess their security strategies to better handle future vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-33987: Medium Vulnerability in got_project got