2 matches found
CVE-2023-49569
CVE-2023-49569 affects go-git prior to v5.11 and enables a path traversal that could let an attacker create or amend files across the filesystem, potentially leading to remote code execution. Affected apps are those using the ChrootOS filesystem wrapper (default for PlainClone/Open/Clone paths); ...
CVE-2023-49568
CVE-2023-49568 affects go-git (Go) and is a DoS due to specially crafted responses from a Git server triggering resource exhaustion in go-git clients. Affected are go-git versions prior to v5.11; in-memory filesystem usage by go-git is not affected. This is a go-git implementation issue and does ...