VYPR

Go modules package

gitlab.com/uniget-org/cli

pkg:golang/gitlab.com/uniget-org/cli

Vulnerabilities (1)

  • CVE-2026-45152HigMay 27, 2026
    affected < 0.27.1fixed 0.27.1

    uniget is a universal installer and updater for (container) tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON