Описание
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needed | |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | needed |
Показывать по
10
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | needed | |
| plucky | DNE |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 31%
0.00117
Низкий
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
около 1 года назад
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
CVSS3: 9.8
debian
около 1 года назад
HashiCorp\u2019s go-getter library is vulnerable to argument injection ...
CVSS3: 9.8
github
около 1 года назад
HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches
EPSS
Процентиль: 31%
0.00117
Низкий
9.8 Critical
CVSS3