Описание
HashiCorp go-getter Vulnerable to Symlink Attacks
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
Пакеты
github.com/hashicorp/go-getter
< 1.7.9
1.7.9
Связанные уязвимости
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
HashiCorp's go-getter library subdirectory download feature is vulnera ...
Уязвимость библиотеки Go Getter, связанная с некорректным определением символических ссылок перед доступом к файлу, позволяющая нарушителю получить несанкционированный доступ на чтение защищаемой информации