Medium severity4.7GHSA Advisory· Published May 8, 2026· Updated May 12, 2026
CVE-2026-41506
CVE-2026-41506
Description
go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0 and 6.0.0-alpha.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/go-git/go-git/v5Go | < 5.18.0 | 5.18.0 |
github.com/go-git/go-git/v6Go | < 6.0.0-alpha.2 | 6.0.0-alpha.2 |
Affected products
301- osv-coords298 versionspkg:apk/chainguard/actpkg:apk/chainguard/amazon-ssm-agentpkg:apk/chainguard/amazon-ssm-agent-ecs-execpkg:apk/chainguard/amazon-ssm-agent-ecs-exec-fipspkg:apk/chainguard/amazon-ssm-agent-fipspkg:apk/chainguard/apkopkg:apk/chainguard/apko-fipspkg:apk/chainguard/argo-cd-3.1pkg:apk/chainguard/argo-cd-3.1-compatpkg:apk/chainguard/argo-cd-3.2pkg:apk/chainguard/argo-cd-3.2-compatpkg:apk/chainguard/argo-cd-3.3-compatpkg:apk/chainguard/argo-cd-fips-3.1pkg:apk/chainguard/argo-cd-fips-3.1-compatpkg:apk/chainguard/argo-cd-fips-3.2pkg:apk/chainguard/argo-cd-fips-3.2-compatpkg:apk/chainguard/argo-cd-fips-3.3pkg:apk/chainguard/argo-cd-fips-3.3-compatpkg:apk/chainguard/argocd-image-updaterpkg:apk/chainguard/argocd-image-updater-fipspkg:apk/chainguard/argo-eventspkg:apk/chainguard/argo-events-fipspkg:apk/chainguard/argo-workflow-executor-3.6pkg:apk/chainguard/argo-workflow-executor-3.7pkg:apk/chainguard/argo-workflow-executor-4.0pkg:apk/chainguard/argo-workflow-executor-fips-3.6pkg:apk/chainguard/argo-workflow-executor-fips-3.7pkg:apk/chainguard/argo-workflow-executor-fips-4.0pkg:apk/chainguard/argo-workflows-3.6pkg:apk/chainguard/argo-workflows-3.7pkg:apk/chainguard/argo-workflows-4.0pkg:apk/chainguard/argo-workflows-fips-3.6pkg:apk/chainguard/argo-workflows-fips-3.7pkg:apk/chainguard/argo-workflows-fips-4.0pkg:apk/chainguard/bompkg:apk/chainguard/cerbospkg:apk/chainguard/cerbosctlpkg:apk/chainguard/cerbosctl-fipspkg:apk/chainguard/cerbos-fipspkg:apk/chainguard/cgpkg:apk/chainguard/chainctlpkg:apk/chainguard/chainctl-fipspkg:apk/chainguard/chainloop-clipkg:apk/chainguard/chainloop-cli-fipspkg:apk/chainguard/cloudbeat-8.17pkg:apk/chainguard/cloudbeat-8.19pkg:apk/chainguard/cloudbeat-9.0pkg:apk/chainguard/cloudbeat-9.1pkg:apk/chainguard/cloudbeat-9.2pkg:apk/chainguard/cloudbeat-9.3pkg:apk/chainguard/cloudbeat-fips-8.17pkg:apk/chainguard/cloudbeat-fips-8.19pkg:apk/chainguard/cloudbeat-fips-9.0pkg:apk/chainguard/cloudbeat-fips-9.1pkg:apk/chainguard/cloudbeat-fips-9.2pkg:apk/chainguard/cloudbeat-fips-9.3pkg:apk/chainguard/commercial-chainloop-clipkg:apk/chainguard/crossplane-1.20-crankpkg:apk/chainguard/crossplane-2.0-crankpkg:apk/chainguard/crossplane-2.1-crankpkg:apk/chainguard/crossplane-2.2-crankpkg:apk/chainguard/crossplane-fips-1.20-crankpkg:apk/chainguard/crossplane-fips-2.0-crankpkg:apk/chainguard/crossplane-fips-2.1-crankpkg:apk/chainguard/crossplane-fips-2.2-crankpkg:apk/chainguard/daggerpkg:apk/chainguard/external-secrets-operator-2.2pkg:apk/chainguard/external-secrets-operator-2.3pkg:apk/chainguard/external-secrets-operator-fips-2.2pkg:apk/chainguard/external-secrets-operator-fips-2.3pkg:apk/chainguard/flux-2.6pkg:apk/chainguard/flux-2.7pkg:apk/chainguard/flux-2.8pkg:apk/chainguard/flux-fips-2.6pkg:apk/chainguard/flux-fips-2.7pkg:apk/chainguard/flux-fips-2.8pkg:apk/chainguard/flux-image-automation-controllerpkg:apk/chainguard/flux-image-automation-controller-fipspkg:apk/chainguard/flux-source-controllerpkg:apk/chainguard/flux-source-controller-fipspkg:apk/chainguard/gitaly-18.10pkg:apk/chainguard/gitaly-18.11pkg:apk/chainguard/gitaly-18.9pkg:apk/chainguard/gitaly-fips-18.10pkg:apk/chainguard/gitaly-fips-18.11pkg:apk/chainguard/gitaly-fips-18.9pkg:apk/chainguard/giteapkg:apk/chainguard/gitea-fipspkg:apk/chainguard/gitlab-rails-ce-18.1pkg:apk/chainguard/gitlab-rails-ce-18.10pkg:apk/chainguard/gitlab-rails-ce-18.11pkg:apk/chainguard/gitlab-rails-ce-18.9pkg:apk/chainguard/gitlab-rails-ce-fips-18.1pkg:apk/chainguard/gitlab-rails-ce-fips-18.10pkg:apk/chainguard/gitlab-rails-ce-fips-18.11pkg:apk/chainguard/gitlab-rails-ce-fips-18.9pkg:apk/chainguard/gitlab-runner-18.10pkg:apk/chainguard/gitlab-runner-18.11pkg:apk/chainguard/gitlab-runner-18.9pkg:apk/chainguard/gitlab-runner-fips-18.10pkg:apk/chainguard/gitlab-runner-fips-18.11pkg:apk/chainguard/gitlab-runner-fips-18.9pkg:apk/chainguard/gitlab-runner-helper-18.10pkg:apk/chainguard/gitlab-runner-helper-18.11pkg:apk/chainguard/gitlab-runner-helper-18.9pkg:apk/chainguard/gitlab-runner-helper-fips-18.10pkg:apk/chainguard/gitlab-runner-helper-fips-18.11pkg:apk/chainguard/gitlab-runner-helper-fips-18.9pkg:apk/chainguard/gitsignpkg:apk/chainguard/gomplate-4pkg:apk/chainguard/gomplate-5pkg:apk/chainguard/gomplate-fips-4pkg:apk/chainguard/gomplate-fips-5pkg:apk/chainguard/google-osconfig-agentpkg:apk/chainguard/goreleaserpkg:apk/chainguard/gptscriptpkg:apk/chainguard/grafana-12.1pkg:apk/chainguard/grafana-alloypkg:apk/chainguard/grafana-alloy-fipspkg:apk/chainguard/grafana-fips-12.1pkg:apk/chainguard/grypepkg:apk/chainguard/grype-dbpkg:apk/chainguard/grype-fipspkg:apk/chainguard/guacpkg:apk/chainguard/guacingestpkg:apk/chainguard/guaconepkg:apk/chainguard/jfrog-clipkg:apk/chainguard/k9spkg:apk/chainguard/k9s-fipspkg:apk/chainguard/kanikopkg:apk/chainguard/kaniko-fipspkg:apk/chainguard/kargopkg:apk/chainguard/kotspkg:apk/chainguard/kubescapepkg:apk/chainguard/kubescape-serverpkg:apk/chainguard/kubescape-server-downloaderpkg:apk/chainguard/kubescape-server-fipspkg:apk/chainguard/kubescape-server-fips-downloaderpkg:apk/chainguard/kubevela-vela-clipkg:apk/chainguard/kubevela-vela-cli-fipspkg:apk/chainguard/kubevela-vela-corepkg:apk/chainguard/kubevela-vela-core-fipspkg:apk/chainguard/kyverno-cli-1.15pkg:apk/chainguard/kyverno-cli-1.16pkg:apk/chainguard/kyverno-cli-1.17pkg:apk/chainguard/kyverno-cli-fips-1.15pkg:apk/chainguard/kyverno-cli-fips-1.16pkg:apk/chainguard/kyverno-cli-fips-1.17pkg:apk/chainguard/mapotfpkg:apk/chainguard/mapotf-fipspkg:apk/chainguard/melangepkg:apk/chainguard/nemopkg:apk/chainguard/nucleipkg:apk/chainguard/osv-scannerpkg:apk/chainguard/packerpkg:apk/chainguard/packer-fipspkg:apk/chainguard/pulumipkg:apk/chainguard/pulumi-kubernetes-operatorpkg:apk/chainguard/pulumi-language-dotnetpkg:apk/chainguard/pulumi-language-gopkg:apk/chainguard/pulumi-language-javapkg:apk/chainguard/pulumi-language-nodejspkg:apk/chainguard/pulumi-language-pythonpkg:apk/chainguard/pulumi-language-yamlpkg:apk/chainguard/rancher-fleet-clipkg:apk/chainguard/rancher-fleet-cli-fipspkg:apk/chainguard/rancher-fleet-controllerpkg:apk/chainguard/rancher-fleet-controller-fipspkg:apk/chainguard/redpanda-consolepkg:apk/chainguard/scorecardpkg:apk/chainguard/skaffoldpkg:apk/chainguard/skaffold-fipspkg:apk/chainguard/snyk-clipkg:apk/chainguard/src-fingerprintpkg:apk/chainguard/src-fingerprint-fipspkg:apk/chainguard/steampipepkg:apk/chainguard/syftpkg:apk/chainguard/syft-fipspkg:apk/chainguard/teleport-17pkg:apk/chainguard/teleport-18pkg:apk/chainguard/teleport-18.6pkg:apk/chainguard/terragrunt-fipspkg:apk/chainguard/tfsecpkg:apk/chainguard/trivypkg:apk/chainguard/trivy-fipspkg:apk/chainguard/trivy-operatorpkg:apk/chainguard/trivy-operator-fipspkg:apk/chainguard/trufflehogpkg:apk/chainguard/trufflehog-fipspkg:apk/chainguard/upwind-agentpkg:apk/chainguard/witnesspkg:apk/chainguard/wolfictlpkg:apk/chainguard/xeolpkg:apk/chainguard/xeol-fipspkg:apk/chainguard/zarfpkg:apk/chainguard/zarf-fipspkg:apk/chainguard/zotpkg:apk/wolfi/actpkg:apk/wolfi/apkopkg:apk/wolfi/argo-cd-3.1pkg:apk/wolfi/argo-cd-3.1-compatpkg:apk/wolfi/argo-cd-3.2pkg:apk/wolfi/argo-cd-3.2-compatpkg:apk/wolfi/argo-cd-3.3-compatpkg:apk/wolfi/argocd-image-updaterpkg:apk/wolfi/argo-eventspkg:apk/wolfi/argo-workflow-executor-3.7pkg:apk/wolfi/argo-workflow-executor-4.0pkg:apk/wolfi/argo-workflows-3.7pkg:apk/wolfi/argo-workflows-4.0pkg:apk/wolfi/bompkg:apk/wolfi/cerbospkg:apk/wolfi/cerbosctlpkg:apk/wolfi/crossplane-2.1-crankpkg:apk/wolfi/crossplane-2.2-crankpkg:apk/wolfi/daggerpkg:apk/wolfi/external-secrets-operator-2.2pkg:apk/wolfi/external-secrets-operator-2.3pkg:apk/wolfi/flux-2.6pkg:apk/wolfi/flux-2.7pkg:apk/wolfi/flux-2.8pkg:apk/wolfi/flux-image-automation-controllerpkg:apk/wolfi/flux-source-controllerpkg:apk/wolfi/gitaly-18.10pkg:apk/wolfi/gitaly-18.11pkg:apk/wolfi/gitaly-18.9pkg:apk/wolfi/giteapkg:apk/wolfi/gitlab-runner-18.10pkg:apk/wolfi/gitlab-runner-18.11pkg:apk/wolfi/gitlab-runner-18.9pkg:apk/wolfi/gitlab-runner-helper-18.10pkg:apk/wolfi/gitlab-runner-helper-18.11pkg:apk/wolfi/gitlab-runner-helper-18.9pkg:apk/wolfi/gitsignpkg:apk/wolfi/gomplate-5pkg:apk/wolfi/goreleaserpkg:apk/wolfi/gptscriptpkg:apk/wolfi/grafana-12.1pkg:apk/wolfi/grafana-alloypkg:apk/wolfi/grypepkg:apk/wolfi/guacpkg:apk/wolfi/guacingestpkg:apk/wolfi/guaconepkg:apk/wolfi/k9spkg:apk/wolfi/kanikopkg:apk/wolfi/kargopkg:apk/wolfi/kotspkg:apk/wolfi/kubescapepkg:apk/wolfi/kubevela-vela-clipkg:apk/wolfi/kubevela-vela-corepkg:apk/wolfi/kyverno-cli-1.15pkg:apk/wolfi/kyverno-cli-1.16pkg:apk/wolfi/kyverno-cli-1.17pkg:apk/wolfi/melangepkg:apk/wolfi/nucleipkg:apk/wolfi/osv-scannerpkg:apk/wolfi/pulumipkg:apk/wolfi/pulumi-kubernetes-operatorpkg:apk/wolfi/pulumi-language-dotnetpkg:apk/wolfi/pulumi-language-gopkg:apk/wolfi/pulumi-language-javapkg:apk/wolfi/pulumi-language-nodejspkg:apk/wolfi/pulumi-language-pythonpkg:apk/wolfi/pulumi-language-yamlpkg:apk/wolfi/rancher-fleet-clipkg:apk/wolfi/rancher-fleet-controllerpkg:apk/wolfi/scorecardpkg:apk/wolfi/skaffoldpkg:apk/wolfi/snyk-clipkg:apk/wolfi/src-fingerprintpkg:apk/wolfi/steampipepkg:apk/wolfi/syftpkg:apk/wolfi/teleport-17pkg:apk/wolfi/teleport-18pkg:apk/wolfi/teleport-18.6pkg:apk/wolfi/tfsecpkg:apk/wolfi/trivypkg:apk/wolfi/trivy-operatorpkg:apk/wolfi/trufflehogpkg:apk/wolfi/witnesspkg:apk/wolfi/wolfictlpkg:apk/wolfi/xeolpkg:apk/wolfi/zarfpkg:apk/wolfi/zotpkg:golang/github.com/go-git/go-git/v5pkg:golang/github.com/go-git/go-git/v6pkg:rpm/opensuse/amazon-ssm-agent&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cheat&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/git-bug&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/google-osconfig-agent&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/trivy&distro=openSUSE%20Tumbleweedpkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/amazon-ssm-agent&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 0.2.87-r3+ 297 more
- (no CPE)range: < 0.2.87-r3
- (no CPE)range: < 3.3.3270.0-r13
- (no CPE)range: < 3.3.3270.0-r13
- (no CPE)range: < 3.3.3270.0-r14
- (no CPE)range: < 3.3.3270.0-r14
- (no CPE)range: < 1.2.3-r1
- (no CPE)range: < 1.2.3-r1
- (no CPE)range: < 3.1.15-r1
- (no CPE)range: < 3.1.15-r1
- (no CPE)range: < 3.2.10-r1
- (no CPE)range: < 3.2.10-r1
- (no CPE)range: < 3.3.7-r2
- (no CPE)range: < 3.1.13-r6
- (no CPE)range: < 3.1.13-r6
- (no CPE)range: < 3.2.8-r5
- (no CPE)range: < 3.2.8-r5
- (no CPE)range: < 3.3.8-r2
- (no CPE)range: < 3.3.8-r2
- (no CPE)range: < 1.1.1-r9
- (no CPE)range: < 1.1.1-r11
- (no CPE)range: < 1.9.10-r16
- (no CPE)range: < 1.9.10-r11
- (no CPE)range: < 3.6.19-r6
- (no CPE)range: < 3.7.13-r2
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 3.6.19-r7
- (no CPE)range: < 3.7.13-r6
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 3.6.19-r6
- (no CPE)range: < 3.7.13-r2
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 3.6.19-r7
- (no CPE)range: < 3.7.13-r6
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 0.7.1-r15
- (no CPE)range: < 0.51.0-r18
- (no CPE)range: < 0.51.0-r18
- (no CPE)range: < 0.51.0-r12
- (no CPE)range: < 0.51.0-r12
- (no CPE)range: < 0.2.245-r0
- (no CPE)range: < 0.2.248-r0
- (no CPE)range: < 0.2.247-r0
- (no CPE)range: < 1.93.3-r1
- (no CPE)range: < 1.93.3-r1
- (no CPE)range: < 8.17.10-r13
- (no CPE)range: < 8.19.13-r9
- (no CPE)range: < 9.0.8-r15
- (no CPE)range: < 9.1.10-r9
- (no CPE)range: < 9.2.7-r6
- (no CPE)range: < 9.3.3-r4
- (no CPE)range: < 8.17.10-r19
- (no CPE)range: < 8.19.13-r8
- (no CPE)range: < 9.0.8-r16
- (no CPE)range: < 9.1.10-r13
- (no CPE)range: < 9.2.7-r9
- (no CPE)range: < 9.3.2-r9
- (no CPE)range: < 1.72.2-r0
- (no CPE)range: < 1.20.5-r10
- (no CPE)range: < 2.0.7-r11
- (no CPE)range: < 2.1.4-r12
- (no CPE)range: < 2.2.0-r9
- (no CPE)range: < 1.20.5-r11
- (no CPE)range: < 2.0.7-r13
- (no CPE)range: < 2.1.4-r13
- (no CPE)range: < 2.2.0-r11
- (no CPE)range: < 0.20.6-r2
- (no CPE)range: < 2.2.0-r4
- (no CPE)range: < 2.3.0-r1
- (no CPE)range: < 2.2.0-r4
- (no CPE)range: < 2.3.0-r1
- (no CPE)range: < 2.6.4-r20
- (no CPE)range: < 2.7.5-r14
- (no CPE)range: < 2.8.5-r3
- (no CPE)range: < 2.6.4-r19
- (no CPE)range: < 2.7.5-r13
- (no CPE)range: < 2.8.5-r2
- (no CPE)range: < 1.1.1-r12
- (no CPE)range: < 1.1.1-r4
- (no CPE)range: < 1.8.2-r5
- (no CPE)range: < 1.8.2-r4
- (no CPE)range: < 18.10.4-r3
- (no CPE)range: < 18.11.2-r2
- (no CPE)range: < 18.9.6-r3
- (no CPE)range: < 18.10.4-r1
- (no CPE)range: < 18.11.2-r1
- (no CPE)range: < 18.9.6-r1
- (no CPE)range: < 1.25.5-r5
- (no CPE)range: < 1.25.5-r4
- (no CPE)range: < 18.1.6-r12
- (no CPE)range: < 18.10.5-r2
- (no CPE)range: < 18.11.2-r2
- (no CPE)range: < 18.9.6-r1
- (no CPE)range: < 18.1.6-r12
- (no CPE)range: < 18.10.4-r2
- (no CPE)range: < 18.11.2-r2
- (no CPE)range: < 18.9.6-r1
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r0
- (no CPE)range: < 18.9.0-r8
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r1
- (no CPE)range: < 18.9.0-r7
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r0
- (no CPE)range: < 18.9.0-r8
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r1
- (no CPE)range: < 18.9.0-r7
- (no CPE)range: < 0.14.0-r18
- (no CPE)range: < 4.3.3-r11
- (no CPE)range: < 5.0.0-r17
- (no CPE)range: < 4.3.3-r11
- (no CPE)range: < 5.0.0-r14
- (no CPE)range: < 20251028.00-r15
- (no CPE)range: < 2.15.3-r2
- (no CPE)range: < 0.9.9-r113
- (no CPE)range: < 12.1.10.01-r6
- (no CPE)range: < 1.15.1-r3
- (no CPE)range: < 1.15.1-r2
- (no CPE)range: < 12.1.9-r9
- (no CPE)range: < 0.111.0-r4
- (no CPE)range: < 0.53.1-r4
- (no CPE)range: < 0.111.0-r3
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 2.101.0-r0
- (no CPE)range: < 0.50.18-r20
- (no CPE)range: < 0.50.18-r16
- (no CPE)range: < 1.25.13-r1
- (no CPE)range: < 1.25.13-r1
- (no CPE)range: < 1.9.6-r3
- (no CPE)range: < 1.130.0-r7
- (no CPE)range: < 4.0.5-r2
- (no CPE)range: < 4.0.5-r1
- (no CPE)range: < 4.0.5-r1
- (no CPE)range: < 4.0.5-r1
- (no CPE)range: < 4.0.5-r1
- (no CPE)range: < 1.10.8-r3
- (no CPE)range: < 1.10.8-r4
- (no CPE)range: < 1.10.8-r3
- (no CPE)range: < 1.10.8-r4
- (no CPE)range: < 1.15.3-r13
- (no CPE)range: < 1.16.3-r15
- (no CPE)range: < 1.17.1-r16
- (no CPE)range: < 1.15.3-r13
- (no CPE)range: < 1.16.3-r15
- (no CPE)range: < 1.17.1-r14
- (no CPE)range: < 0.0.0_git20260426-r0
- (no CPE)range: < 0.0.0_git20260426-r0
- (no CPE)range: < 0.50.1-r1
- (no CPE)range: < 2.7.3-r0
- (no CPE)range: < 3.8.0-r1
- (no CPE)range: < 2.3.6-r0
- (no CPE)range: < 1.15.1-r6
- (no CPE)range: < 1.15.1-r6
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 2.7.0-r2
- (no CPE)range: < 3.103.0-r1
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 1.22.0-r5
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 1.31.1-r1
- (no CPE)range: < 0.15.0-r7
- (no CPE)range: < 0.15.0-r5
- (no CPE)range: < 0.15.0-r7
- (no CPE)range: < 0.15.0-r5
- (no CPE)range: < 3.7.1-r1
- (no CPE)range: < 5.5.0-r0
- (no CPE)range: < 2.18.3-r4
- (no CPE)range: < 2.18.3-r3
- (no CPE)range: < 1.1304.1-r1
- (no CPE)range: < 0.19.0-r48
- (no CPE)range: < 0.19.0-r30
- (no CPE)range: < 2.4.1-r3
- (no CPE)range: < 1.42.4-r3
- (no CPE)range: < 1.42.4-r2
- (no CPE)range: < 17.7.20-r10
- (no CPE)range: < 18.7.2-r11
- (no CPE)range: < 18.6.8-r13
- (no CPE)range: < 1.0.1-r1
- (no CPE)range: < 1.28.14-r29
- (no CPE)range: < 0.69.3-r12
- (no CPE)range: < 0.69.3-r7
- (no CPE)range: < 0.30.1-r6
- (no CPE)range: < 0.30.1-r5
- (no CPE)range: < 3.94.3-r3
- (no CPE)range: < 3.94.3-r2
- (no CPE)range: < 0.130.0-r0
- (no CPE)range: < 0.10.2-r21
- (no CPE)range: < 0.39.10-r1
- (no CPE)range: < 0.10.8-r35
- (no CPE)range: < 0.10.8-r33
- (no CPE)range: < 0.75.0-r2
- (no CPE)range: < 0.75.0-r2
- (no CPE)range: < 2.1.15-r13
- (no CPE)range: < 0.2.87-r3
- (no CPE)range: < 1.2.3-r1
- (no CPE)range: < 3.1.15-r1
- (no CPE)range: < 3.1.15-r1
- (no CPE)range: < 3.2.10-r1
- (no CPE)range: < 3.2.10-r1
- (no CPE)range: < 3.3.7-r2
- (no CPE)range: < 1.1.1-r9
- (no CPE)range: < 1.9.10-r16
- (no CPE)range: < 3.7.13-r2
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 3.7.13-r2
- (no CPE)range: < 4.0.4-r6
- (no CPE)range: < 0.7.1-r15
- (no CPE)range: < 0.51.0-r18
- (no CPE)range: < 0.51.0-r18
- (no CPE)range: < 2.1.4-r12
- (no CPE)range: < 2.2.0-r9
- (no CPE)range: < 0.20.6-r2
- (no CPE)range: < 2.2.0-r4
- (no CPE)range: < 2.3.0-r1
- (no CPE)range: < 2.6.4-r20
- (no CPE)range: < 2.7.5-r14
- (no CPE)range: < 2.8.5-r3
- (no CPE)range: < 1.1.1-r12
- (no CPE)range: < 1.8.2-r5
- (no CPE)range: < 18.10.4-r3
- (no CPE)range: < 18.11.2-r2
- (no CPE)range: < 18.9.6-r3
- (no CPE)range: < 1.25.5-r5
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r0
- (no CPE)range: < 18.9.0-r8
- (no CPE)range: < 18.10.1-r3
- (no CPE)range: < 18.11.2-r0
- (no CPE)range: < 18.9.0-r8
- (no CPE)range: < 0.14.0-r18
- (no CPE)range: < 5.0.0-r17
- (no CPE)range: < 2.15.3-r2
- (no CPE)range: < 0.9.9-r113
- (no CPE)range: < 12.1.10.01-r6
- (no CPE)range: < 1.15.1-r3
- (no CPE)range: < 0.111.0-r4
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 1.1.0-r6
- (no CPE)range: < 0.50.18-r20
- (no CPE)range: < 1.25.13-r1
- (no CPE)range: < 1.9.6-r3
- (no CPE)range: < 1.130.0-r7
- (no CPE)range: < 4.0.5-r2
- (no CPE)range: < 1.10.8-r3
- (no CPE)range: < 1.10.8-r3
- (no CPE)range: < 1.15.3-r13
- (no CPE)range: < 1.16.3-r15
- (no CPE)range: < 1.17.1-r16
- (no CPE)range: < 0.50.1-r1
- (no CPE)range: < 3.8.0-r1
- (no CPE)range: < 2.3.6-r0
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 2.7.0-r2
- (no CPE)range: < 3.103.0-r1
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 1.22.0-r5
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 3.229.0-r5
- (no CPE)range: < 1.31.1-r1
- (no CPE)range: < 0.15.0-r7
- (no CPE)range: < 0.15.0-r7
- (no CPE)range: < 5.5.0-r0
- (no CPE)range: < 2.18.3-r4
- (no CPE)range: < 1.1304.1-r1
- (no CPE)range: < 0.19.0-r48
- (no CPE)range: < 2.4.1-r3
- (no CPE)range: < 1.42.4-r3
- (no CPE)range: < 17.7.20-r10
- (no CPE)range: < 18.7.2-r11
- (no CPE)range: < 18.6.8-r13
- (no CPE)range: < 1.28.14-r29
- (no CPE)range: < 0.69.3-r12
- (no CPE)range: < 0.30.1-r6
- (no CPE)range: < 3.94.3-r3
- (no CPE)range: < 0.10.2-r21
- (no CPE)range: < 0.39.10-r1
- (no CPE)range: < 0.10.8-r35
- (no CPE)range: < 0.75.0-r2
- (no CPE)range: < 2.1.15-r13
- (no CPE)range: < 5.18.0
- (no CPE)range: < 6.0.0-alpha.2
- (no CPE)range: < 3.3.4268.0-2.1
- (no CPE)range: < 5.1.0-2.1
- (no CPE)range: < 0.10.1-4.1
- (no CPE)range: < 20260511.00-1.1
- (no CPE)range: < 0.70.0-2.1
- (no CPE)range: < 3.3.4624.0-4.49.1
- (no CPE)range: < 3.3.4624.0-150000.5.37.1
- (no CPE)range: < 3.3.4624.0-150000.5.37.1
- (no CPE)range: < 3.3.4624.0-150000.5.37.1
- (no CPE)range: < 3.3.4624.0-150000.5.37.1
- (no CPE)range: < 3.3.4624.0-160000.1.1
- (no CPE)range: < 3.3.4624.0-160000.1.1
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-3xc5-wrhm-f963ghsaADVISORY
- github.com/go-git/go-git/security/advisories/GHSA-3xc5-wrhm-f963nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2026-41506ghsaADVISORY
- github.com/go-git/go-git/releases/tag/v5.18.0nvdProductRelease NotesWEB
- github.com/go-git/go-git/releases/tag/v6.0.0-alpha.2nvdProductRelease NotesWEB
News mentions
0No linked articles in our index yet.