CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/04/17 12:0 a.m.•5 views

PT-2026-37125

Name of the Vulnerable Software and Affected Versions go-git versions prior to 5.18.0 go-git versions prior to 6.0.0-alpha.2 Description During smart-HTTP clone and fetch operations, the library may leak HTTP authentication credentials when following redirects. If a remote repository responds to...

7.4CVSS5.8AI score0.00075EPSS

Exploits0References20

OSV•added 2026/04/16 12:57 p.m.•0 views

SUSE-SU-2026:1411-1 Security update for terraform-provider-local, terraform-provider-random, terraform-provider-tls

This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue: - CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files that can lead to the consumption of corrupted files...

9.1CVSS5.8AI score0.0002EPSS

Exploits1References5

IBM Security Bulletins•added 2026/04/14 3:9 p.m.•5 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git [CVE-2026-25934]

Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Validation of Integrity Check Value in go-git, due to an issue where data integrity values for .pack and .idx files were not properly verified CVE-2026-25934. GO-git is used as a component of our ibm-watson-speech-catalog...

4.3CVSS7AI score0.00007EPSS

Exploits0Affected Software1

OSV•added 2026/04/07 2:58 p.m.•2 views

GO-2026-4909 Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git

Missing validation decoding Index v4 files leads to panic in github.com/go-git/go-git...

OSV•added 2026/04/07 2:58 p.m.•3 views

Exploits0References1

GO-2026-4910 Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git

Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git...

5CVSS7.3AI score0.00006EPSS

Tenable Nessus•added 2026/04/03 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is an extensible git implementation library written in pure Go. Prior to version 5.17.1, go-git's index decoder for format version 4 fails to validate th...

Tenable Nessus•added 2026/04/03 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-34165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which...

5CVSS7.1AI score0.00006EPSS

NVD•added 2026/03/31 3:16 p.m.•1 views

CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS0.00006EPSS

OSV•added 2026/03/31 3:16 p.m.•2 views

DEBIAN-CVE-2026-34165

5CVSS7.6AI score0.00006EPSS

Exploits0References1

NVD•added 2026/03/31 3:16 p.m.•1 views

CVE-2026-33762

go-git is an extensible git implementation library written in pure Go. Prior to version 5.17.1, go-git’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decoded path name. A maliciously crafted index file can trigger an...

2.8CVSS0.00006EPSS

OSV•added 2026/03/31 3:16 p.m.•1 views

DEBIAN-CVE-2026-33762

2.8CVSS5.2AI score0.00006EPSS

Exploits0References1

UbuntuCve•added 2026/03/31 3:16 p.m.•6 views

CVE-2026-33762

OSV•added 2026/03/31 3:16 p.m.•2 views

Exploits0References3

UBUNTU-CVE-2026-33762

UbuntuCve•added 2026/03/31 3:16 p.m.•1 views

CVE-2026-34165

5CVSS5.7AI score0.00006EPSS

Exploits0References3

OSV•added 2026/03/31 3:16 p.m.•0 views

UBUNTU-CVE-2026-34165

5CVSS5.7AI score0.00006EPSS

CVE•added 2026/03/31 1:47 p.m.•17 views

CVE-2026-33762

The CVE-2026-33762 vulnerability affects the go-git library prior to v5.17.1, specifically the index decoder for Git index format version 4. The issue is a missing validation of the path name prefix length before applying it to the decoded path, which can cause an out-of-bounds slice operation an...