Описание
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
EPSS
8.4 High
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.
HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
HashiCorp\u2019s go-getter library can be coerced into executing Git u ...
HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
EPSS
8.4 High
CVSS3
8.8 High
CVSS3