Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-6smu-rrju-z7ca
Summary
Maliciously crafted Git server replies can cause DoS on go-git clients
### Impact
A denial of service (DoS) vulnerability was discovered in go-git versions prior to `v5.11`. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in `go-git` clients. 

Applications using only the in-memory filesystem supported by `go-git` are not affected by this vulnerability.
This is a `go-git` implementation issue and does not affect the upstream `git` cli.

### Patches
Users running versions of `go-git` from `v4` and above are recommended to upgrade to `v5.11` in order to mitigate this vulnerability.

### Workarounds
In cases where a bump to the latest version of `go-git` is not possible, we recommend limiting its use to only trust-worthy Git servers.

## Credit
Thanks to Ionut Lalu for responsibly disclosing this vulnerability to us.

### References
- [GHSA-mw99-9chc-xw7r](https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r)
Aliases
0
alias CVE-2023-49568
1
alias GHSA-mw99-9chc-xw7r
Fixed_packages
0
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
1
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=s390x&distroversion=v3.21&reponame=community
2
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armv7&distroversion=v3.20&reponame=community
3
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community
4
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
5
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
6
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=s390x&distroversion=v3.23&reponame=community
7
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86&distroversion=v3.23&reponame=community
8
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
9
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=aarch64&distroversion=v3.21&reponame=community
10
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armhf&distroversion=v3.21&reponame=community
11
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community
12
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community
13
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community
14
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community
15
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86&distroversion=v3.21&reponame=community
16
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=community
17
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=aarch64&distroversion=edge&reponame=community
18
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armhf&distroversion=edge&reponame=community
19
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armv7&distroversion=edge&reponame=community
20
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community
21
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community
22
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=riscv64&distroversion=edge&reponame=community
23
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86&distroversion=edge&reponame=community
24
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86_64&distroversion=edge&reponame=community
25
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=aarch64&distroversion=v3.22&reponame=community
26
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armhf&distroversion=v3.22&reponame=community
27
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armv7&distroversion=v3.22&reponame=community
28
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community
29
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community
30
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=riscv64&distroversion=v3.22&reponame=community
31
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=s390x&distroversion=v3.22&reponame=community
32
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86&distroversion=v3.22&reponame=community
33
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86_64&distroversion=v3.22&reponame=community
34
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=aarch64&distroversion=v3.20&reponame=community
35
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armhf&distroversion=v3.20&reponame=community
36
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community
37
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=riscv64&distroversion=v3.20&reponame=community
38
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=s390x&distroversion=v3.20&reponame=community
39
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86&distroversion=v3.20&reponame=community
40
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=community
41
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
42
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=armv7&distroversion=v3.23&reponame=community
43
url pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/nfpm@2.35.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/nfpm@2.35.2-r0%3Farch=s390x&distroversion=edge&reponame=community
44
url pkg:deb/debian/golang-github-go-git-go-git@5.11.0-1?distro=trixie
purl pkg:deb/debian/golang-github-go-git-go-git@5.11.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.11.0-1%3Fdistro=trixie
45
url pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1
purl pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62r9-cvp9-tfbg
1
vulnerability VCID-kqrm-h42a-13ce
2
vulnerability VCID-m4t6-vddc-3bfw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1
46
url pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1?distro=trixie
purl pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62r9-cvp9-tfbg
1
vulnerability VCID-kqrm-h42a-13ce
2
vulnerability VCID-m4t6-vddc-3bfw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.14.0-1%3Fdistro=trixie
47
url pkg:deb/debian/golang-github-go-git-go-git@5.17.0-1?distro=trixie
purl pkg:deb/debian/golang-github-go-git-go-git@5.17.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.17.0-1%3Fdistro=trixie
48
url pkg:deb/debian/golang-github-go-git-go-git@5.17.1-1?distro=trixie
purl pkg:deb/debian/golang-github-go-git-go-git@5.17.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.17.1-1%3Fdistro=trixie
49
url pkg:golang/github.com/go-git/go-git/v5@5.11.0
purl pkg:golang/github.com/go-git/go-git/v5@5.11.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/go-git/go-git/v5@5.11.0
Affected_packages
0
url pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3
purl pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62r9-cvp9-tfbg
1
vulnerability VCID-6smu-rrju-z7ca
2
vulnerability VCID-c5e4-td2w-37by
3
vulnerability VCID-j8jp-r751-sbf8
4
vulnerability VCID-kqrm-h42a-13ce
5
vulnerability VCID-m4t6-vddc-3bfw
6
vulnerability VCID-rka6-epua-h7gz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3
1
url pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3?distro=trixie
purl pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62r9-cvp9-tfbg
1
vulnerability VCID-6smu-rrju-z7ca
2
vulnerability VCID-c5e4-td2w-37by
3
vulnerability VCID-j8jp-r751-sbf8
4
vulnerability VCID-kqrm-h42a-13ce
5
vulnerability VCID-m4t6-vddc-3bfw
6
vulnerability VCID-rka6-epua-h7gz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-github-go-git-go-git@5.4.2-3%3Fdistro=trixie
2
url pkg:rpm/redhat/ceph@2:18.2.1-194?arch=el8cp
purl pkg:rpm/redhat/ceph@2:18.2.1-194?arch=el8cp
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6smu-rrju-z7ca
1
vulnerability VCID-pv34-th9b-37h6
2
vulnerability VCID-rka6-epua-h7gz
3
vulnerability VCID-z7wb-tvk2-myhr
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:18.2.1-194%3Farch=el8cp
3
url pkg:rpm/redhat/openshift-serverless-clients@1.10.0-6?arch=el8
purl pkg:rpm/redhat/openshift-serverless-clients@1.10.0-6?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5eck-adts-e3de
1
vulnerability VCID-6smu-rrju-z7ca
2
vulnerability VCID-jzn6-bzzf-nugp
3
vulnerability VCID-rka6-epua-h7gz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-serverless-clients@1.10.0-6%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49568.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49568.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49568
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29683
published_at 2026-04-21T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.29905
published_at 2026-04-04T12:55:00Z
2
value 0.00112
scoring_system epss
scoring_elements 0.29721
published_at 2026-04-07T12:55:00Z
3
value 0.00112
scoring_system epss
scoring_elements 0.29782
published_at 2026-04-12T12:55:00Z
4
value 0.00112
scoring_system epss
scoring_elements 0.29818
published_at 2026-04-09T12:55:00Z
5
value 0.00112
scoring_system epss
scoring_elements 0.29827
published_at 2026-04-11T12:55:00Z
6
value 0.00112
scoring_system epss
scoring_elements 0.29732
published_at 2026-04-13T12:55:00Z
7
value 0.00112
scoring_system epss
scoring_elements 0.29749
published_at 2026-04-16T12:55:00Z
8
value 0.00112
scoring_system epss
scoring_elements 0.29727
published_at 2026-04-18T12:55:00Z
9
value 0.00115
scoring_system epss
scoring_elements 0.30315
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49568
2
reference_url https://github.com/go-git/go-git
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/go-git/go-git
3
reference_url https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-12T18:15:52Z/
url https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-49568
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-49568
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060701
reference_id 1060701
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060701
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2258165
reference_id 2258165
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2258165
7
reference_url https://access.redhat.com/errata/RHSA-2024:0298
reference_id RHSA-2024:0298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0298
8
reference_url https://access.redhat.com/errata/RHSA-2024:0641
reference_id RHSA-2024:0641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0641
9
reference_url https://access.redhat.com/errata/RHSA-2024:0642
reference_id RHSA-2024:0642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0642
10
reference_url https://access.redhat.com/errata/RHSA-2024:0691
reference_id RHSA-2024:0691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0691
11
reference_url https://access.redhat.com/errata/RHSA-2024:0692
reference_id RHSA-2024:0692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0692
12
reference_url https://access.redhat.com/errata/RHSA-2024:0735
reference_id RHSA-2024:0735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0735
13
reference_url https://access.redhat.com/errata/RHSA-2024:0740
reference_id RHSA-2024:0740
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0740
14
reference_url https://access.redhat.com/errata/RHSA-2024:0832
reference_id RHSA-2024:0832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0832
15
reference_url https://access.redhat.com/errata/RHSA-2024:0833
reference_id RHSA-2024:0833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0833
16
reference_url https://access.redhat.com/errata/RHSA-2024:0843
reference_id RHSA-2024:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0843
17
reference_url https://access.redhat.com/errata/RHSA-2024:0845
reference_id RHSA-2024:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0845
18
reference_url https://access.redhat.com/errata/RHSA-2024:0880
reference_id RHSA-2024:0880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0880
19
reference_url https://access.redhat.com/errata/RHSA-2024:0989
reference_id RHSA-2024:0989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0989
20
reference_url https://access.redhat.com/errata/RHSA-2024:1052
reference_id RHSA-2024:1052
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1052
21
reference_url https://access.redhat.com/errata/RHSA-2024:1557
reference_id RHSA-2024:1557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1557
22
reference_url https://access.redhat.com/errata/RHSA-2024:1570
reference_id RHSA-2024:1570
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1570
23
reference_url https://access.redhat.com/errata/RHSA-2024:1896
reference_id RHSA-2024:1896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1896
24
reference_url https://access.redhat.com/errata/RHSA-2024:3889
reference_id RHSA-2024:3889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3889
25
reference_url https://access.redhat.com/errata/RHSA-2024:3925
reference_id RHSA-2024:3925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3925
26
reference_url https://access.redhat.com/errata/RHSA-2024:4010
reference_id RHSA-2024:4010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4010
27
reference_url https://usn.ubuntu.com/8088-1/
reference_id USN-8088-1
reference_type
scores
url https://usn.ubuntu.com/8088-1/
Weaknesses
0
cwe_id 20
name Improper Input Validation
description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
1
cwe_id 400
name Uncontrolled Resource Consumption
description The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Exploits
Severity_range_score7.0 - 8.9
Exploitability0.5
Weighted_severity8.0
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-6smu-rrju-z7ca