CVSS 3.1 Score 9.8 of 10 (high)


Published Jan 12, 2024
Updated: Jan 22, 2024


CVE-2023-49569 is a path traversal vulnerability in go-git versions prior to v5.11, which could potentially lead to remote code execution. This vulnerability affects applications using the ChrootOS in the Open and Clone functions of go-git. However, applications using BoundOS or in-memory filesystems are not affected. The vulnerability does not impact the upstream git cli. This vulnerability has a base severity rating of CRITICAL, with high impacts on integrity and confidentiality. It has a CVSS score of 9.8 out of 10 and is considered a network-based attack with low complexity. Organizations should update their go-git versions to v5.11 or above to remediate this vulnerability and prevent potential exploitation.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-49569 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options