Linux Distros Unpatched Vulnerability : CVE-2025-21614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to...

Linux Distros Unpatched Vulnerability : CVE-2025-21613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.1...

Linux Distros Unpatched Vulnerability : CVE-2023-49568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to perform denial of service attac...

Linux Distros Unpatched Vulnerability : CVE-2023-49569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the...

Security Bulletin: Due to use of go-git, IBM Instana Observability is vulnerable to a denial of service and argument injection vulnerability.

Summary go-git is used by IBM Instana Observability CVE-2025-21613, CVE-2025-21614 Vulnerability Details CVEID:CVE-2025-21613 DESCRIPTION: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git [CVE-2025-21614]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in go-git, due to a weakness in Git server allowing crafted responses which may cause resource exhaustion CVE-2025-21614. Go-Git is used in our watson-speech-catalog images. This vulnerabilitiy has been addressed...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an argument injection vulnerability in go-git [CVE-2025-21613]

Summary IBM Watson Speech Services Cartridge is vulnerable to an argument injection vulnerability in go-git, allowing the setting of arbitrary values to git-upload-pack flags when file transport protocol is used CVE-2025-21613. Go-git is used in our watson-speech-catalog images. This vulnerabilit...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...

ROS-20250219-03

A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or modification. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information A vulnerability in th...

ROS-20250214-02

A vulnerability in the go-git library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service A vulnerability in the git-upload-pack method of the go-git library is related to argument injection or...

RLSA-2025:0401 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies CVE-2025-21614 For more...

Azure Linux 3.0 Security Update: packer (CVE-2025-21614)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...

Azure Linux 3.0 Security Update: packer (CVE-2023-49569)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49569 advisory. - A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows a...

Azure Linux 3.0 Security Update: packer (CVE-2025-21613)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21613 advisory. - go-git is a highly extensible git implementation library written in pure Go. An argument injection...

Important: amazon-ssm-agent

Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...

Important: amazon-ssm-agent

Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2025-824)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-824 advisory. go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of thi...

Important: amazon-ssm-agent

Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...

Important: amazon-ssm-agent

Issue Overview: go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags...

Amazon Linux 2 : amazon-ssm-agent (ALAS-2025-2739)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.1611.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2739 advisory. go-git is a highly extensible git implementation library written in pure Go. An argument injection...