gopkg.in/src-d/go-git.v4
Go4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting gopkg.in/src-d/go-git.v4page 1 of 1
- CVE-2023-49568HIGHCVSS 7.5EG 7.52024-01-12
A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers …
- CVE-2023-49569CRITICALCVSS 9.8EG 9.82024-01-12
A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. A…
- CVE-2025-21613CRITICALCVSS 9.8EG 9.82025-01-06
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set…
- CVE-2025-21614HIGHCVSS 7.5EG 7.52025-01-06
go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attac…
Check whether gopkg.in/src-d/go-git.v4 is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for gopkg.in/src-d/go-git.v4 CVEs against the assets you own.
Start Free Scan →