7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
45.0%
Vulnerability of uv_getaddrinfo() function (src/unix/getaddrinfo.c, src/win/getaddrinfo.c) of libuv asynchronous I/O library is related to insufficient checking of incoming requests.
libuv asynchronous I/O is due to insufficient checking of incoming requests. Exploitation
of the vulnerability could allow a remote attacker to launch an SSRF attack.
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
45.0%