Got Follows Redirects to Unix Sockets

We discussed this vulnerability during Episode 157 on 10 October 2022.

The title says pretty much all that you need to know: the got HTTP request library for Node will follow redirects to a Unix socket. An attacker who can make a server issue a request (SSRF) to a server they control could redirect that request back towards a Unix socket on the local machine. The actual damage you could do with this would vary depending on what is available on the target server, but services listening on a Unix socket tend to be more privileged; the Docker management service, for example, is often exposed at unix:/var/run/docker.sock.

An attacker would already need some sort of SSRF issue to abuse this, but the idea of targeting Unix sockets is not something I’ve considered before.
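For services that fetch user-supplied URLs, one defensive pattern is to validate every redirect hop before following it. The sketch below is an added example, not code from got or from the original post; the helper names and the sample hosts are hypothetical, and it assumes got's documented socket URL forms `unix:SOCKET:PATH` and `http://unix:SOCKET:PATH`.

```javascript
// Added example: all function names and sample hosts here are hypothetical.
const ALLOWED_PROTOCOLS = new Set(['http:', 'https:']);

// got addresses a Unix socket as "unix:SOCKET:PATH" or "http://unix:SOCKET:PATH",
// so either the scheme or the parsed hostname is "unix".
function isUnixSocketTarget(url) {
  return url.protocol === 'unix:' || url.hostname.toLowerCase() === 'unix';
}

// Decide whether a single redirect hop may be followed.
function checkRedirect(currentUrl, locationHeader) {
  let next;
  try {
    next = new URL(locationHeader, currentUrl); // resolves relative Location values
  } catch {
    return { allowed: false, reason: 'unparseable Location' };
  }
  if (isUnixSocketTarget(next)) {
    return { allowed: false, reason: 'redirect to Unix socket' };
  }
  if (!ALLOWED_PROTOCOLS.has(next.protocol)) {
    return { allowed: false, reason: `protocol ${next.protocol} not allowed` };
  }
  return { allowed: true, url: next.href };
}

// Walk a redirect chain. `responses` is constructed sample data standing in for
// the network: it maps a URL to the Location header that URL answers with.
function resolveRedirectChain(startUrl, responses, maxRedirects = 5) {
  let current = new URL(startUrl).href;
  for (let hops = 0; hops <= maxRedirects; hops++) {
    const location = responses[current];
    if (location === undefined) return { ok: true, finalUrl: current, hops };
    const verdict = checkRedirect(current, location);
    if (!verdict.allowed) return { ok: false, blockedAt: current, reason: verdict.reason };
    current = verdict.url;
  }
  return { ok: false, blockedAt: current, reason: 'too many redirects' };
}

// Constructed sample: a remote host answers with a redirect to the Docker socket.
const SAMPLE = {
  'https://attacker.example/': 'https://attacker.example/step2',
  'https://attacker.example/step2': 'http://unix:/var/run/docker.sock:/containers/json',
  'https://cdn.example/a': '/b',
};
```

The same per-hop check can be wired into whatever redirect hook the HTTP client offers, so that a socket target is only ever reachable when the calling code names it directly.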