Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
go-git Library Exposes Git Data to Unauthorized Access
CLEANSTART-2026-YW12690
Summary
The go-git library, used in the argo-cd-fips package, has security vulnerabilities that could allow unauthorized access to sensitive Git data. This could lead to data theft or corruption. The developers of go-git have not yet released patches or workarounds, so users should monitor for updates and wait for a fix before continuing to use the library.
What to do
- Update argo-cd-fips to version 3.2.7-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | argo-cd-fips | <= 3.2.7-r0 | 3.2.7-r0 |
Original title
go-git is a highly extensible git implementation library written in pure Go
Original description
Multiple security vulnerabilities affect the argo-cd-fips package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.
osv CVSS3.1
9.8
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
- https://osv.dev/vulnerability/CVE-2025-55190 URL
- https://osv.dev/vulnerability/CVE-2025-55191 URL
- https://osv.dev/vulnerability/CVE-2025-58183 URL
- https://osv.dev/vulnerability/CVE-2025-58185 URL
- https://osv.dev/vulnerability/CVE-2025-58187 URL
- https://osv.dev/vulnerability/CVE-2025-58188 URL
- https://osv.dev/vulnerability/CVE-2025-58189 URL
- https://osv.dev/vulnerability/CVE-2025-59537 URL
- https://osv.dev/vulnerability/CVE-2025-59538 URL
- https://osv.dev/vulnerability/CVE-2025-61723 URL
- https://osv.dev/vulnerability/CVE-2025-61724 URL
- https://osv.dev/vulnerability/CVE-2025-61725 URL
- https://osv.dev/vulnerability/CVE-2026-25934 URL
- https://osv.dev/vulnerability/GHSA-2v5j-vhc3-9cwm URL
- https://osv.dev/vulnerability/GHSA-2vgg-9h3w-qbr4 URL
- https://osv.dev/vulnerability/GHSA-2xsj-vh29-9cwm URL
- https://osv.dev/vulnerability/GHSA-37cx-329c-33x3 URL
- https://osv.dev/vulnerability/GHSA-3wgm-2mw2-vh5m URL
- https://osv.dev/vulnerability/GHSA-4x4m-3c2p-qppc URL
- https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9 URL
- https://osv.dev/vulnerability/GHSA-92cp-5422-2m47 URL
- https://osv.dev/vulnerability/GHSA-93mq-9ffx-83m2 URL
- https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv URL
- https://osv.dev/vulnerability/GHSA-hj2p-8wj8-pfq4 URL
- https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x URL
- https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp URL
- https://osv.dev/vulnerability/GHSA-mw99-9chc-xw7r URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-55190 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-55191 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-58183 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-58185 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-58187 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-58188 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-58189 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-59537 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-59538 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61723 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61724 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-61725 URL
- https://nvd.nist.gov/vuln/detail/CVE-2026-25934 URL
Published: 27 Feb 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026