CVE-2022-29810

Published April 27th, 2022

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

2.1

LOW

Affected

1

PROJECT

Description

The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter.

hashicorp/go-getter

Package for downloading things from a string URL using a variety of protocols.

GitHub

1.82K