CVE-2022-30321

go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.
Configurations

Configuration 1

cpe:2.3:a:hashicorp:go-getter:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:hashicorp:go-getter:*:*:*:*:*:*:*:*

Information

Published : 2022-05-25 12:15

Updated : 2022-11-21 04:33


NVD link : CVE-2022-30321

Mitre link : CVE-2022-30321

Products Affected