Debian Linux Security Advisory 5638-1 - It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.
8a07ccb73b022376fe2ad526d9e79f96a2d1684fb96135ae73b42313547393c9