CVE-2022-30321
Published
CVSS v3
8.6
HIGH
CVSS v2
7.5
HIGH
Affected
1
PROJECT
Description
go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.
Package for downloading things from a string URL using a variety of protocols.
GitHub