{"id":"GO-2024-2934","summary":"Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder","details":"Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder","aliases":["CVE-2024-37904","GHSA-hpcg-xjq5-g666"],"modified":"2026-03-17T04:49:12.768520Z","published":"2024-06-28T15:28:30Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2024-2934","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/stacklok/minder/security/advisories/GHSA-hpcg-xjq5-g666"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37904"},{"type":"FIX","url":"https://github.com/stacklok/minder/commit/35bab8f9a6025eea9e6e3cef6bd80707ac03d2a9"},{"type":"FIX","url":"https://github.com/stacklok/minder/commit/7979b43"},{"type":"WEB","url":"https://github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go#L55-L89"},{"type":"WEB","url":"https://github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go#L56-L62"}],"affected":[{"package":{"name":"github.com/stacklok/minder","ecosystem":"Go","purl":"pkg:golang/github.com/stacklok/minder"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.52"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-2934.json"}}],"schema_version":"1.7.5"}