Publish GHSA-p8p7-x288-28g6

github · Aug 2, 2023 · df30e8a · df30e8a
1 parent 24e796d
commit df30e8a
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/advisories/github-reviewed/2023/03/GHSA-p8p7-x288-28g6/GHSA-p8p7-x288-28g6.json b/advisories/github-reviewed/2023/03/GHSA-p8p7-x288-28g6/GHSA-p8p7-x288-28g6.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p8p7-x288-28g6",
-  "modified": "2023-07-31T15:17:07Z",
+  "modified": "2023-08-02T23:08:46Z",
   "published": "2023-03-16T15:30:19Z",
   "aliases": [
     "CVE-2023-28155"
   ],
   "summary": "Server-Side Request Forgery in Request",
-  "details": "The `request` package through 2.88.2 for Node.js and the `@cypress/request` package through 2.88.11 allow a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP).\n\nNOTE: The `request` package is no longer supported by the maintainer.",
+  "details": "The `request` package through 2.88.2 for Node.js and the `@cypress/request` package through 2.88.12 allow a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP).\n\nNOTE: The `request` package is no longer supported by the maintainer.",
   "severity": [
     {
       "type": "CVSS_V3",