Описание
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needed | |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | ignored | end of life, was needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | ignored | end of life, was needed |
| plucky | DNE |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
HashiCorp\u2019s go-getter library is vulnerable to argument injection ...
HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches
Уязвимость библиотеки go-getter оркестратора приложений Nomad, связанная с неправильной нейтрализацией разделителей аргументов в команде, позволяющая нарушителю отформатировать URL-адрес Git, чтобы внедрить дополнительные аргументы Git в вызов Git
EPSS
9.8 Critical
CVSS3