Go Getter

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-8959 Go HIGH PATCH This Month

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Red Hat Hashicorp Suse Go Getter

NVD

CVSS 3.1

7.5

EPSS

0.0%

CVE-2025-8959 Go

EPSS 0% CVSS 7.5

HIGH PATCH This Month

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Red Hat Hashicorp +2

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy