CRITICAL9.8CVE-2025-21613Argument Injection via the URL field in github.com/go-git/go-git from 0
CRITICAL9.8CVE-2023-49569Path traversal and RCE in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4 from 0
CRITICAL9.6go-git: Improper single-quote escaping in go-git SSH transport
from 0
HIGH7.5go-git's improper parsing of specially crafted objects may lead to inconsistent interpretation compared to upstream Git
from 0
HIGH7.5Clients vulnerable to DoS via maliciously crafted Git server replies in github.com/go-git/go-git
from 0
HIGH7.5Denial of service in github.com/go-git/go-git/v5 and gopkg.in/src-d/go-git.v4
from 0
MEDIUM5.4go-git: Crafted repositories may modify main and submodule .git directories
from 0
MEDIUM5.0Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git
from 0
MEDIUM4.7go-git: Credential leak via cross-host redirect in smart HTTP transport
from 0
MEDIUM4.3Improper verification of data integrity values for .idx and .pack files in github.com/go-git/go-git
from 0
LOW2.8Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git
from 0