Tag

Go-Getter

1 brief RSS

HashiCorp go-getter Arbitrary File Read Vulnerability (CVE-2026-4660)

HashiCorp's go-getter library up to v1.8.5 is vulnerable to arbitrary file reads on the file system during certain git operations through a maliciously crafted URL (CVE-2026-4660), potentially allowing attackers to access sensitive information.

cve-2026-4660 file-read go-getter information-disclosure

2r 1t 1c 1i 3w ago