CVE-2022-29810 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-29810 PUBLISHED

Reported by mitre · Published April 27, 2022

The Hashicorp go-getter library before 1.5.11 does not redact an SSH key from a URL query parameter.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a
github.com	hashicorp/go-getter	0, 0

Timeline

Apr 27, 2022 EPSS Score
Apr 27, 2022 CVE Published
Jun 15, 2022 EPSS Score
Aug 4, 2022 EPSS Score
Sep 23, 2022 EPSS Score
Nov 11, 2022 EPSS Score
Dec 30, 2022 EPSS Score
Feb 17, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 7, 2023 EPSS Score
May 26, 2023 EPSS Score
Jul 15, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-29810 advisory
https://github.com/advisories/GHSA-27rq-4943-qcwp advisory

Open in Interactive Console →