gopkg.in/src-d/go-git.v4 (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package gopkg.in/src-d/go-git.v4, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2023-49569 — CVSS 9.8 (critical): A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend…
CVE-2025-21613 — CVSS 9.8 (critical): go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git…
CVE-2023-49568 — CVSS 7.5 (high): A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform…
CVE-2025-21614 — CVSS 7.5 (high): go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in…