Latest vulnerabilities for "go-git project go-git go"

Where

Sort:

Versions

6.0.0-alpha1

go-git project Go-git Gogo-git: Crafted repositories may modify main and submodule .git directories

Risk 34

Severity

5.4

First published (updated )

CVE-2026-45571

go-git project Go-git Gogo-git: Improper single-quote escaping in go-git SSH transport

Risk 80

Severity

2.3

First published (updated )

CVE-2026-45570

go-git project Go-git Gogo-git: Improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git

Risk 43

Severity

First published (updated )

CVE-2026-45022

go-git project Go-git Gogo-git Credential leak via cross-host redirect in smart HTTP transport

Risk 42

Severity

7.4

First published (updated )

CVE-2026-41506

go/github.com/go-git/go-git/v5go-git: Maliciously crafted idx file can cause asymmetric memory consumption

Risk 29

Severity

First published (updated )

CVE-2026-34165

go/github.com/go-git/go-git/v5go-git: Missing validation decoding Index v4 files leads to panic

Risk 15

Severity

2.8

First published (updated )

CVE-2026-33762

go-gitgo-git improperly verifies data integrity values for .idx and .pack files

Risk 16

Severity

4.3

EPSS

0.01%

First published (updated )

CVE-2026-25934

go/github.com/go-git/go-gitgo-git clients vulnerable to DoS via maliciously crafted Git server replies

Risk 31

Severity

7.5

EPSS

0.04%

First published (updated )

CVE-2025-21614

go/github.com/go-git/go-git/v5go-git has an Argument Injection via the URL field

Risk 61

Severity

9.8

EPSS

0.04%

First published (updated )

CVE-2025-21613

go/gopkg.in/src-d/go-git.v4Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

Risk 91

Severity

9.8

First published (updated )

CVE-2023-49569

go/gopkg.in/src-d/go-git.v4Maliciously crafted Git server replies can cause DoS on go-git clients

Risk 46

Severity

7.5

First published (updated )

CVE-2023-49568

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Trending

Versions

go-git project Go-git Gogo-git: Crafted repositories may modify main and submodule .git directories

go-git project Go-git Gogo-git: Improper single-quote escaping in go-git SSH transport

go-git project Go-git Gogo-git: Improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git

go-git project Go-git Gogo-git Credential leak via cross-host redirect in smart HTTP transport

go/github.com/go-git/go-git/v5go-git: Maliciously crafted idx file can cause asymmetric memory consumption

Don't miss critical vulnerabilities

go/github.com/go-git/go-git/v5go-git: Missing validation decoding Index v4 files leads to panic

go-gitgo-git improperly verifies data integrity values for .idx and .pack files

go/github.com/go-git/go-gitgo-git clients vulnerable to DoS via maliciously crafted Git server replies

go/github.com/go-git/go-git/v5go-git has an Argument Injection via the URL field

go/gopkg.in/src-d/go-git.v4Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

Don't miss critical vulnerabilities

go/gopkg.in/src-d/go-git.v4Maliciously crafted Git server replies can cause DoS on go-git clients

Company

Resources

Contact