Vulnerability Report: GO-2025-3368
- CVE-2025-21613, GHSA-v725-9546-7q7m
- Affects: github.com/go-git/go-git/v5, github.com/go-git/go-git/v4, and 1 more
- Published: Jan 07, 2025
Argument Injection via the URL field in github.com/go-git/go-git
For detailed information about this vulnerability, visit https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m.
Affected Modules
-
PathGo Versions
-
before v5.13.0
-
all versions, no known fixed
-
all versions, no known fixed
Aliases
References
- https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m
- https://vuln.go.dev/ID/GO-2025-3368.json
Credits
- @vin01
Feedback
See anything missing or incorrect?
Suggest an edit to this report.