Red Hat Security Advisory 2024-4756-03 - An update for libuv is now available for Red Hat Enterprise Linux 9. Issues addressed include a server-side request forgery vulnerability.
079553bb1160a89cc126601d7584c8151b5be508ee4b4f807427a8785d63348f
Red Hat Security Advisory 2024-4247-03 - An update for libuv is now available for Red Hat Enterprise Linux 8. Issues addressed include a server-side request forgery vulnerability.
d34058ccdf9ff4a479a0bfa77f4b0f13461c2451643950b3d70bf81109104b12
Debian Linux Security Advisory 5638-1 - It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.
8a07ccb73b022376fe2ad526d9e79f96a2d1684fb96135ae73b42313547393c9
Ubuntu Security Notice 6666-1 - It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks.
3708b57f00e48056a0ff770faacabf49aa5ec9ceb551c9f97111aee2cda1ee21