Ubuntu 22.04 LTS / 24.04 LTS : go-git vulnerabilities (USN-8088-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8088-1 advisory. Ionut Lalu discovered that go-git incorrectly handled certain specially crafted Git server responses. An attacker could possibly use this iss...

go-git 安全漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.16.5 contained security vulnerabilities. These vulnerabilities stemmed from improper validation of data integrity values in the .pack and .idx files, which could lead to errors when...

Alibaba Cloud Linux 3 : 0013: grafana (ALINUX3-SA-2025:0013)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0013 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-21613: go-git is a highly...

RLSA-2025:0401 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies CVE-2025-21614 For more...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2025-824)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-824 advisory. go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of thi...

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2025:0401 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: go-git: argument injection via the URL field CVE-2025-21613 go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies CVE-2025-21614 For more...

Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Go-git with Instana Agent container image

Summary Vulnerabilities in Go-git were remediated in IBM Observability with Instana with Instana Agent container image build 265. CVE-2023-49569 & CVE-2023-49568 Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By...