5 matches found
Argument Injection
github.com/go-git/go-git is vulnerable to an Argument Injection. The vulnerability is due to improper validation of input arguments passed to the git-upload-pack flags, which allows arbitrary values to be injected when using the file transport protocol...
CVE-2025-21613
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
AZL-55067 CVE-2025-21613 affecting package cri-o 1.30.1-1
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...
CVE-2025-21613
CVE-2025-21613 affects the go-git library. Affected: go-git prior to 5.13.0. Issue: argument injection vulnerability allowing an attacker to set arbitrary values on git-upload-pack flags when using the file transport protocol (shelling out to git binaries). Impact: potential disclosure/integrity/...
PT-2025-1014
Name of the Vulnerable Software and Affected Versions go-git versions prior to v5.13 Description An argument injection vulnerability was discovered in go-git. The successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...