Picatz

**Name of the Vulnerable Software and Affected Versions** Hashicorp go-getter library versions prior to 1.5.11 **Description** The issue concerns the Hashicorp go-getter library, where SSH credentials could be written into its logfile. This exposes sensitive credentials to local users who have the ability to read the logfile. **Recommendations** For versions prior to 1.5.11, update to version 1.5.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the logfile to minimize the risk of exploitation.