CVE-2022-29810

CVE-2022-29810

EPSS 0.4%

The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/hashicorp/go-getter/commit/36b68b2f68a3ed10ee7ecbb0cb9f6b1dc5da49cc https://github.com/hashicorp/go-getter/pull/348 https://github.com/hashicorp/go-getter/releases/tag/v1.5.11