Browse all 8 CVE security advisories affecting go-git. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Go-git serves as a pure Go implementation of Git, primarily used for version control operations in Go applications. Historically, it has been susceptible to remote code execution vulnerabilities through malicious repository handling, cross-site scripting via crafted web interfaces, and privilege escalation in server deployments. Notable security characteristics include its memory-safe design reducing certain classes of vulnerabilities, though it has experienced critical flaws like path traversal in repository URLs and unsafe object parsing. While no major public incidents have been widely documented, the 7 recorded CVEs highlight ongoing risks in handling untrusted Git data, particularly in automated CI/CD pipelines and code hosting services.
This page lists every published CVE security advisory associated with go-git. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.