Search CVE reports
1 result
CVE-2024-3817
Medium priorityHashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.
2 affected packages
golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
golang-github-hashicorp-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
golang-github-jesseduffield-go-getter | Needs evaluation | Needs evaluation | Needs evaluation | — | — |