You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
go git vulnerability
About this tag
The go git vulnerability tag covers discussions about security flaws in the go-git library, a pure-Go implementation of Git primitives used by applications for repository operations. A key topic is CVE-2023-49568, a denial-of-service vulnerability where a malicious Git server can exhaust memory or crash go-git clients via specially crafted replies. Mitigation involves upgrading to go-git v5.11.0. The tag focuses on patching and protecting systems that embed go-git from resource exhaustion attacks.
A denial-of-service condition in widely used Go library implementations of Git can be induced by a malicious Git server that sends specially crafted replies — an attacker-controlled server can exhaust memory or other resources on go-git clients, causing processes and dependent services to stall...