Package impact
Go / github.com/git-lfs/git-lfs/v3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26625 | high | — | 8.0 | 5mo ago | Git LFS may write to arbitrary files via crafted symlinks | |||
| CVE-2024-53263 | high | — | 8.0 | 1y ago | Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without ch… | |||
| CVE-2022-24826 | unknown | — | — | 4y ago | Git LFS can execute a binary from the current directory on Windows |