Information on source package golang-github-hashicorp-go-getter

Available versions

ReleaseVersion
buster0.0~git20160316.0.575ec4e-1
bullseye1.4.1-1
bookworm1.4.1-1
sid1.4.1-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-30323vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerablego-getter up to 1.5.11 and 2.0.2 panicked when processing password-pro ...
CVE-2022-30322vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerablego-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustio ...
CVE-2022-30321vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerablego-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go- ...
CVE-2022-26945vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerablevulnerablego-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless r ...

Resolved issues

BugDescription
CVE-2022-29810The Hashicorp go-getter library before 1.5.11 does not redact an SSH k ...

Search for package or bug name: Reporting problems