[Git][security-tracker-team/security-tracker][master] Add three new go-git issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 27 21:35:05 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32426085 by Salvatore Bonaccorso at 2026-05-27T22:34:38+02:00
Add three new go-git issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -191,9 +191,11 @@ CVE-2026-45716 (Budibase is an open-source low-code platform. Prior to 3.38.1, t
 CVE-2026-45715 (Budibase is an open-source low-code platform. Prior to 3.38.1, the RES ...)
 	NOT-FOR-US: Budibase
 CVE-2026-45571 (go-git is an extensible git implementation library written in pure Go. ...)
-	TODO: check
+	- golang-github-go-git-go-git 5.19.1-1
+	NOTE: https://github.com/go-git/go-git/security/advisories/GHSA-crhj-59gh-8x96
 CVE-2026-45570 (go-git is an extensible git implementation library written in pure Go. ...)
-	TODO: check
+	- golang-github-go-git-go-git 5.19.1-1
+	NOTE: https://github.com/go-git/go-git/security/advisories/GHSA-m7cr-m3pv-hgrp
 CVE-2026-45548 (Budibase is an open-source low-code platform. Prior to 3.34.8, the pro ...)
 	NOT-FOR-US: Budibase
 CVE-2026-45335 (WeGIA is a web manager for charitable institutions. Prior to 3.7.3, an ...)
@@ -217,7 +219,8 @@ CVE-2026-45046 (Gryph provides a security layer for AI coding agents. Prior to 0
 CVE-2026-45027 (WeGIA is a web manager for charitable institutions. In versions prior  ...)
 	NOT-FOR-US: WeGIA
 CVE-2026-45022 (go-git is an extensible git implementation library written in pure Go. ...)
-	TODO: check
+	- golang-github-go-git-go-git 5.19.1-1
+	NOTE: https://github.com/go-git/go-git/security/advisories/GHSA-389r-gv7p-r3rp
 CVE-2026-44988 (LibVNCClient is a library for easy implementation of a VNC client. In  ...)
 	TODO: check
 CVE-2026-44972 (GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32426085c334bd42830d8b4d964f467a1d5e8232

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32426085c334bd42830d8b4d964f467a1d5e8232
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/d1491378/attachment.htm>

More information about the debian-security-tracker-commits mailing list