Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libgit2 libgit2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-12279
An issue exists in libgit2 prior to 0.28.4 and 0.9x prior to 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353.
Libgit2 Libgit2
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2020-12278
An issue exists in libgit2 prior to 0.28.4 and 0.9x prior to 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352.
Libgit2 Libgit2
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2014-9390
Git prior to 1.8.5.6, 1.9.x prior to 1.9.5, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 on Windows and OS X; Mercurial prior to 3.2.3 on Windows and OS X; Apple Xcode prior to 6.2 beta 3; mine all versions prior to 08-12-2014; libgit2 all versions up to 0...
Git-scm Git
Mercurial Mercurial
Apple Xcode
Apple Xcode 6.2
Eclipse Egit
Eclipse Jgit
Libgit2 Libgit2
2 Metasploit modules
4 Github repositories
7.5
CVSSv2
CVE-2016-10128
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 prior to 0.24.6 and 0.25.x prior to 0.25.1 allows remote malicious users to have unspecified impact via a crafted non-flush packet.
Libgit2 Project Libgit2 0.25.0
Libgit2 Project Libgit2
5.8
CVSSv2
CVE-2018-10887
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacke...
Libgit2 Libgit2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2018-15501
In ng_pkt in transports/smart_pkt.c in libgit2 prior to 0.26.6 and 0.27.x prior to 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Libgit2 Libgit2
5
CVSSv2
CVE-2016-10129
The Git Smart Protocol support in libgit2 prior to 0.24.6 and 0.25.x prior to 0.25.1 allows remote malicious users to cause a denial of service (NULL pointer dereference) via an empty packet line.
Libgit2 Project Libgit2 0.25.0
Libgit2 Project Libgit2
4.3
CVSSv2
CVE-2018-10888
A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.
Libgit2 Libgit2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-8098
Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an malicious user to cause a denial of service (out-of-bounds read) via a crafted repository index file.
Libgit2 Libgit2
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2018-8099
Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an malicious user to cause a denial of service via a crafted repository index file.
Libgit2 Libgit2
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »