Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-6257HistoryJun 25, 2024 - 5:15 p.m.
CVE-2024-6257
2024-06-2517:15:10
Debian Security Bug Tracker
security-tracker.debian.org
1
hashicorp go-getter
cve-2024-6257
git update
security bypass
arbitrary code execution
unix
8.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.
Related
redhatcve
redhatcve
CVE-2024-6257
2024-06-25 19:21:11
cve
cve
CVE-2024-6257
2024-06-25 17:15:10
cvelist
cvelist
nvd
nvd
CVE-2024-6257
2024-06-25 17:15:10
osv
osv
CGA-grwc-xwh5-vfhw
2024-06-26 12:04:24
HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
2024-06-25 18:31:22
CGA-p58v-7jgp-wxgq
2024-06-26 12:04:27
vulnrichment
vulnrichment
wolfi
wolfi
CVE-2024-6257 vulnerabilities
2024-06-28 21:08:33
github
github
8.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for DEBIANCVE:CVE-2024-6257