CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3817

HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.8%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2024-3817

Hashicorp » Go-Getter » Version: 1.5.10

cpe:2.3:a:hashicorp:go-getter:1.5.10
Hashicorp » Go-Getter » Version: 1.5.11

cpe:2.3:a:hashicorp:go-getter:1.5.11
Hashicorp » Go-Getter » Version: 1.5.9

cpe:2.3:a:hashicorp:go-getter:1.5.9
Hashicorp » Go-Getter » Version: 1.6.0

cpe:2.3:a:hashicorp:go-getter:1.6.0
Hashicorp » Go-Getter » Version: 1.6.1

cpe:2.3:a:hashicorp:go-getter:1.6.1
Hashicorp » Go-Getter » Version: 1.6.2

cpe:2.3:a:hashicorp:go-getter:1.6.2
Hashicorp » Go-Getter » Version: 1.7.0

cpe:2.3:a:hashicorp:go-getter:1.7.0
Hashicorp » Go-Getter » Version: 1.7.1

cpe:2.3:a:hashicorp:go-getter:1.7.1
Hashicorp » Go-Getter » Version: 1.7.2

cpe:2.3:a:hashicorp:go-getter:1.7.2
Hashicorp » Go-Getter » Version: 1.7.3

cpe:2.3:a:hashicorp:go-getter:1.7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3817

Products

Pricing

Contact Us