📦 Go Getter

HashiCorp's go-getter library is vulnerable to argument injection when executing Git commands to discover remote branches. This allows attackers to inject arbitrary arguments into Git commands, potent...

This vulnerability in the go-getter library allows attackers to bypass security controls, switch protocols, and create endless redirects by manipulating custom HTTP response headers. It affects applic...

CVE-2025-8959 is a symlink attack vulnerability in HashiCorp's go-getter library that allows attackers to read files outside the intended download directory by exploiting the subdirectory download fea...

CVE-2024-6257 is a vulnerability in HashiCorp's go-getter library where an attacker can manipulate Git configuration files to execute arbitrary code during Git update operations. This affects any appl...

This vulnerability in the go-getter library allows attackers to perform path traversal, symlink processing, and command injection attacks, potentially leading to arbitrary file access and remote code ...

This vulnerability in go-getter library causes a panic (crash) when processing password-protected ZIP files. It affects applications using go-getter up to versions 1.5.11 and 2.0.2 for file retrieval ...