VDB

GO-2026-4910

GO-2026-4910 PUBLISHED

Maliciously crafted idx file can cause asymmetric memory consumption in github.com/go-git/go-git

Affected Products

VendorProductVersions
github.comgo-git/go-git/v55.0.0, 5.0.0
github.comgo-git/go-git0, 0
github.comgo-git/go-git/v40, 0

Timeline

  • Apr 7, 2026 CVE Published
  • Apr 8, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›