Vulnerabilities > Hashicorp > GO Getter > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-16 CVE-2023-0475 Unspecified vulnerability in Hashicorp Go-Getter
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs.
network
low complexity
hashicorp
6.5
6.5
2022-04-27 CVE-2022-29810 Information Exposure Through Log Files vulnerability in Hashicorp Go-Getter
The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter.
local
low complexity
hashicorp CWE-532
5.5
5.5