26 matches found
MiracleLinux 8 : grafana-9.2.10-21.el8_10 (AXSA:2025-9576:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9576:01 advisory. go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies...
TencentOS Server 3: grafana (TSSA-2025:0100)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0100 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0013: grafana (ALINUX3-SA-2025:0013)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0013 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-21613: go-git is a highly...
CVE-2025-21614 affecting package cri-o for versions less than 1.22.3-13
CVE-2025-21614 affecting package cri-o for versions less than 1.22.3-13. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2025-21614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git [CVE-2025-21614]
Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git, due to a weakness in Git server allowing crafted responses which may cause resource exhaustion CVE-2025-21614. Go-Git is used in our watson-speech-catalog images. This vulnerabilitiy has been addressed...
Important: Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.1 security update
An update is now available for Red Hat OpenShift GitOps v1.15.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Azure Linux 3.0 Security Update: packer (CVE-2025-21614)
The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...
Important: amazon-ssm-agent
Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...
Important: amazon-ssm-agent
Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : grafana (RHSA-2025:0662)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0662 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argume...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies CVE-2025-21614 For more...
grafana security update
9.2.10-21 - Resolves RHEL-72881: CVE-2025-21614 - Resolves RHEL-72869: CVE-2025-21613...
CVE-2025-21614 affecting package packer for versions less than 1.9.5-5
CVE-2025-21614 affecting package packer for versions less than 1.9.5-5. A patched version of the package is available...
CBL Mariner 2.0 Security Update: packer (CVE-2025-21614)
The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...
operator-sdk-1.39.0-1.1 on GA media (moderate)
operator-sdk-1.39.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14634-1 Rating: moderate Cross-References: CVE-2024-45338 CVE-2025-21614 CVSS scores: CVE-2024-45338 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-45338 SUSE : 8.2...
CVE-2025-21614
go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git serve...
CVE-2025-21614 vulnerabilities
Vulnerabilities for packages: timoni, argo-workflows, flux-kustomize-controller, grafana-alloy, crossplane, go-licenses, pulumi-language-dotnet, wolfictl, kubescape, argo-events, apko, pulumi-language-java, syft, argocd-image-updater, kots, grype, goreleaser, pulumi-kubernetes-operator,...