Hide Forgot
HashiCorp go-getter before 2.0.2 allows Command Injection. Reference: https://discuss.hashicorp.com/t/hcsec-2022-13-multiple-vulnerabilities-in-go-getter-library/39930
Created golang-github-yujunz-getter tracking bugs for this issue: Affects: fedora-all [bug 2092929]
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2022:5673 https://access.redhat.com/errata/RHSA-2022:5673