CVE-2022-30323

Опубликовано: 25 мая 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 8.6

Описание

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needed
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
focal	ignored	end of standard support, was needed
impish	ignored	end of life
jammy	needed
kinetic	ignored	end of life, was needs-triage

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/focal	needed
esm-apps/jammy	needed
esm-apps/noble	needed
focal	ignored	end of standard support, was needed
jammy	needed
mantic	ignored	end of life, was needs-triage
noble	needed
oracular	ignored	end of life, was needed
plucky	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%

0.00379

Низкий

7.5 High

CVSS2

8.6 High

CVSS3

Связанные уязвимости

CVE-2022-30323

CVSS3: 8.6

redhat

больше 3 лет назад

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.

CVE-2022-30323

CVSS3: 8.6

nvd

больше 3 лет назад

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.

CVE-2022-30323

CVSS3: 8.6

debian

больше 3 лет назад

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-pro ...

GHSA-28r2-q6m8-9hpx

CVSS3: 8.6

github

больше 3 лет назад

HashiCorp go-getter unsafe downloads could lead to asymmetric resource exhaustion

EPSS

Процентиль: 59%

0.00379

Низкий

7.5 High

CVSS2

8.6 High

CVSS3

CVE-2022-30323

Описание

Пакет golang-github-hashicorp-go-getter

Пакет golang-github-jesseduffield-go-getter

Ссылки на источники

Связанные уязвимости