CRITICAL9.8CVE-2025-21613Argument Injection via the URL field in github.com/go-git/go-git from 0, < 5.13.0
CRITICAL9.8CVE-2025-21613Argument Injection via the URL field in github.com/go-git/go-git from 0, < 5.13.0
CRITICAL9.8Path traversal and RCE in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4
>= 5.0.0, < 5.11.0
CRITICAL9.8Path traversal and RCE in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4
>= 5.0.0, < 5.11.0
CRITICAL9.6go-git: Improper single-quote escaping in go-git SSH transport
from 0, < 5.19.1
HIGH7.5go-git's improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git
from 0, < 5.19.0
HIGH7.5Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git
from 0, < 5.13.0
HIGH7.5Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git
from 0, < 5.13.0
HIGH7.5Denial of service in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4
from 0, < 5.11.0
HIGH7.5Denial of service in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4
>= 5.0.0, < 5.11.0
MEDIUM5.4go-git: Crafted repositories may modify main and submodule .git directories
from 0, < 5.19.1
MEDIUM5.0Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git
>= 5.0.0, < 5.17.1
MEDIUM5.0Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git
>= 5.0.0, < 5.17.1
MEDIUM4.7go-git: Credential leak via cross-host redirect in smart HTTP transport
from 0, < 5.18.0
MEDIUM4.3Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git
from 0, < 5.16.5
MEDIUM4.3Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git
from 0, < 5.16.5
LOW2.8Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git
from 0, < 5.17.1
LOW2.8Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git
from 0, < 5.17.1