{"vulnerability": "CVE-2022-30321", "sightings": [{"uuid": "264b70ae-ed82-47c4-a6c2-187768d8a2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30321", "type": "seen", "source": "https://t.me/arpsyndicate/1682", "content": "#ExploitObserverAlert\n\nCVE-2022-30321\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2022-30321. go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.\n\nFIRST-EPSS: 0.001040000\nNVD-IS: 4.7\nNVD-ES: 3.9", "creation_timestamp": "2023-12-11T00:47:36.000000Z"}, {"uuid": "3a6a8937-ab30-4cec-a935-a52927ed2271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30321", "type": "seen", "source": "https://t.me/cibsecurity/43326", "content": "\u203c CVE-2022-30321 \u203c\n\nHashiCorp go-getter through 2.0.2 does not safely perform downloads (issue 1 of 3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T16:38:12.000000Z"}]}