CVE-2025-8959
π΄ HIGHHashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identif...
Description
Request Expert ReviewHashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
CVSS Scores
References
Additional Information
- Source
- security@hashicorp.com
- State
- Awaiting analysis
Related CVEs
CVE-2025-13237
HIGHA security flaw has been discovered in itsourcecode Inventory Management System 1.0. Affected is an unknown function of the file /LogSignModal.PHP. Th...
CVE-2025-12482
HIGHThe Booking for Appointments and Events Calendar β Amelia plugin for WordPress is vulnerable to SQL Injection via the βsearchβ parameter in all versio...
CVE-2025-13236
MEDIUMA vulnerability was identified in itsourcecode Inventory Management System 1.0. This impacts an unknown function of the file /admin/products/index.php...
CVE-2025-13235
HIGHA vulnerability was determined in itsourcecode Inventory Management System 1.0. This affects an unknown function of the file /admin/login.php. Executi...
CVE-2025-13234
MEDIUMA vulnerability was found in itsourcecode Inventory Management System 1.0. The impacted element is an unknown function of the file /index.php?q=produc...
CVE-2025-13233
HIGHA vulnerability has been found in itsourcecode Inventory Management System 1.0. The affected element is an unknown function of the file /index.php?q=s...
Share CVE-2025-8959
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-8959 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!