CVE-2023-49568

Published: 12/01/2024 Updated: 22/01/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

A denial of service (DoS) vulnerability exists in go-git versions prior to v5.11. It allows a malicious user to perform denial of service attacks by providing specially crafted responses from a Git server that trigger resource exhaustion in go-git clients. Applications using only the in-memory filesystem supported by go-git are not affected by this vulnerability. This is a go-git implementation issue and does not affect the upstream git CLI.

Vulnerable Product

go-git project go-git

Vendor Advisories

Debian Bug report logs - #1060701 golang-github-go-git-go-git: CVE-2023-49568 CVE-2023-49569. Package: src:golang-github-go-git-go-git; Maintainer for src:golang-github-go-git-go-git is Debian Go Packaging Team <team+pkg-go@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 13 Jan 202 ...
Synopsis: Critical: Red Hat Advanced Cluster Management 2.7.11 security and bug fix container update. Type/Severity: Security Advisory: Critical. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.7.11 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a ...
Synopsis: Critical: OpenShift Container Platform 4.14.11 bug fix and security update. Type/Severity: Security Advisory: Critical. Topic: An update is now available for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis: Critical: OpenShift Container Platform 4.14.11 security and extras update. Type/Severity: Security Advisory: Critical. Topic: An update is now available for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis: Critical: Red Hat Advanced Cluster Management 2.9.2 security and bug fix container updates. Type/Severity: Security Advisory: Critical. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.9.2 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a ...
Description: This CVE is under investigation by Red Hat Product Security ...