Bump go-getter 1.7.2 -> 1.7.4 - Githubissues

xeol-io / xeol

A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

https://www.xeol.io/

Apache License 2.0

332 stars 18 forks source link

Bump go-getter 1.7.2 -> 1.7.4 #327

Closed noqcks closed 2 months ago

noqcks commented 2 months ago

ref: https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040