pkg:Go/github.com/go-git/go-git/v4

5 total CVEsCRITICAL1HIGH1MEDIUM2LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2025-21613Argument Injection via the URL field in github.com/go-git/go-git
    >= 4.0.0
  • HIGH7.5CVE-2025-21614Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git
    >= 4.0.0
  • MEDIUM5.0CVE-2026-34165Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git
    from 0
  • MEDIUM4.3CVE-2026-25934Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git
    from 0
  • LOW2.8CVE-2026-33762Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git
    from 0
Go/github.com/go-git/go-git/v4 — 5 CVEs · VulnScope