RSS   Vulnerabilities for 'Go-getter'   RSS

2022-05-25
 
CVE-2022-26945

CWE-77
 

 
HashiCorp go-getter before 2.0.2 allows Command Injection.

 
2022-04-27
 
CVE-2022-29810

CWE-532
 

 
The Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile.

 

 >>> Vendor: Hashicorp 15 Products
Sentinel
Vault
Vagrant vmware fusion
Vagrant
Terraform
Consul
Nomad
Packer
Terraform enterprise
Vault-ssh-helper
Go-slug
Vault provider for secrets store csi driver
Terraform provider
Vault-action
Go-getter


Copyright 2024, cxsecurity.com

 

Back to Top