pkg:Debian/golang-github-hashicorp-go-getter

9 total CVEsCRITICAL1HIGH7MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2024-3817Argument injection when fetching remote default Git branches in github.com/hashicorp/go-getter
    from 0
  • HIGH8.6CVE-2022-26945Resource exhaustion in github.com/hashicorp/go-getter and related modules
    from 0
  • HIGH8.6CVE-2022-30323go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files.
    from 0
  • HIGH8.6CVE-2022-30322go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses.
    from 0
  • HIGH8.6CVE-2022-30321go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaw…
    from 0
  • HIGH8.4CVE-2024-6257Code Execution on Git update in github.com/hashicorp/go-getter
    from 0
  • HIGH7.5CVE-2026-4660HashiCorp's go-getter library may allow arbitrary file reads
    from 0
  • HIGH7.5CVE-2025-8959HashiCorp go-getter Vulnerable to Symlink Attacks in github.com/hashicorp/go-getter
    from 0
  • MEDIUM4.2CVE-2023-0475Denial of service in github.com/hashicorp/go-getter/v2
    from 0