Lucene search

CVE-2024-6257 HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation

🗓️ 25 Jun 2024 16:03:31Reported by HashiCorpType

HashiCorp go-getter library CVE-2024-6257 vulnerabilit

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 56
Tenable Nessus	CBL Mariner 2.0 Security Update: terraform (CVE-2024-6257)	6 Aug 202400:00	–	nessus
Tenable Nessus	Fedora 39 : opentofu (2024-35147eb6ad)	8 Aug 202400:00	–	nessus
Tenable Nessus	Fedora 40 : opentofu (2024-c83208238d)	8 Aug 202400:00	–	nessus
Tenable Nessus	Fedora 41 : opentofu (2024-8669c2a944)	15 Nov 202400:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : trivy (openSUSE-SU-2024:0268-1)	31 Aug 202400:00	–	nessus
Tenable Nessus	openSUSE 15 Security Update : trivy (openSUSE-SU-2024:0269-1)	31 Aug 202400:00	–	nessus
OSV	CGA-GRWC-XWH5-VFHW	26 Jun 202412:04	–	osv
OSV	CGA-7RQ5-JPH4-8HG2	15 Jul 202421:54	–	osv
OSV	CGA-2RF9-X5M2-8CMG	15 Jul 202421:51	–	osv
OSV	CGA-G2GW-MH57-3GFM	15 Jul 202421:57	–	osv

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "64 bit",
      "32 bit",
      "x86",
      "ARM",
      "MacOS",
      "Windows",
      "Linux"
    ],
    "product": "Shared library",
    "repo": "https://github.com/hashicorp/go-getter",
    "vendor": "HashiCorp",
    "versions": [
      {
        "lessThan": "1.7.4",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
discuss	www.discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Jun 2024 16:31Current

CVSS38.4

EPSS0.00095

CWE-77