Debian Linux Security Advisory 5638-1 - It was discovered that the uv_getaddrinfo() function in libuv, an asynchronous event notification library, incorrectly truncated certain hostnames, which may result in bypass of security measures on internal APIs or SSRF attacks.
8a07ccb73b022376fe2ad526d9e79f96a2d1684fb96135ae73b42313547393c9
Ubuntu Security Notice 6666-1 - It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks.
3708b57f00e48056a0ff770faacabf49aa5ec9ceb551c9f97111aee2cda1ee21