Vulnerability Details CVE-2024-6257
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 57.6%
CVSS Severity
CVSS v3 Score 8.4
Products affected by CVE-2024-6257
-
cpe:2.3:a:hashicorp:go-getter:-
-
cpe:2.3:a:hashicorp:go-getter:1.0.0
-
cpe:2.3:a:hashicorp:go-getter:1.0.1
-
cpe:2.3:a:hashicorp:go-getter:1.0.2
-
cpe:2.3:a:hashicorp:go-getter:1.0.3
-
cpe:2.3:a:hashicorp:go-getter:1.1.0
-
cpe:2.3:a:hashicorp:go-getter:1.2.0
-
cpe:2.3:a:hashicorp:go-getter:1.3.0
-
cpe:2.3:a:hashicorp:go-getter:1.4.0
-
cpe:2.3:a:hashicorp:go-getter:1.4.1
-
cpe:2.3:a:hashicorp:go-getter:1.4.2
-
cpe:2.3:a:hashicorp:go-getter:1.5.0
-
cpe:2.3:a:hashicorp:go-getter:1.5.1
-
cpe:2.3:a:hashicorp:go-getter:1.5.10
-
cpe:2.3:a:hashicorp:go-getter:1.5.11
-
cpe:2.3:a:hashicorp:go-getter:1.5.2
-
cpe:2.3:a:hashicorp:go-getter:1.5.3
-
cpe:2.3:a:hashicorp:go-getter:1.5.4
-
cpe:2.3:a:hashicorp:go-getter:1.5.5
-
cpe:2.3:a:hashicorp:go-getter:1.5.6
-
cpe:2.3:a:hashicorp:go-getter:1.5.7
-
cpe:2.3:a:hashicorp:go-getter:1.5.8
-
cpe:2.3:a:hashicorp:go-getter:1.5.9
-
cpe:2.3:a:hashicorp:go-getter:1.6.0
-
cpe:2.3:a:hashicorp:go-getter:1.6.1
-
cpe:2.3:a:hashicorp:go-getter:1.6.2
-
cpe:2.3:a:hashicorp:go-getter:1.7.0
-
cpe:2.3:a:hashicorp:go-getter:1.7.1
-
cpe:2.3:a:hashicorp:go-getter:1.7.2
-
cpe:2.3:a:hashicorp:go-getter:1.7.3
-
cpe:2.3:a:hashicorp:go-getter:1.7.4