Debian/libgit2 — 21 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2024-24577libgit2 - security update

from 0, < 1.1.0+dfsg.1-4+deb11u2

CRITICAL9.8CVE-2024-24577libgit2 - security update

from 0, < 1.1.0+dfsg.1-4+deb11u2

CRITICAL9.8CVE-2024-24577libgit2 - security update

from 0, < 0.27.7+dfsg.1-0.2+deb10u2

CRITICAL9.8mercurial - security update

from 0, < 0.21.3-1

CRITICAL9.8An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0.

from 0, < 0.28.4+dfsg.1-2

CRITICAL9.8libgit2 - security update

from 0, < 0.28.4+dfsg.1-2

CRITICAL9.8libgit2 - security update

from 0, < 0.27.7+dfsg.1-0.2+deb10u1

CRITICAL9.8Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and…

from 0, < 0.25.1+really0.24.6-1

HIGH8.6Memory corruption, denial of service, and arbitrary code execution in libgit2

from 0, < 1.5.1+ds-1+deb12u1

HIGH8.1libgit2 - security update

from 0, < 0.25.1+really0.24.6-1+deb9u1

HIGH8.1libgit2 - security update

from 0, < 0.21.1-3+deb8u1

HIGH8.1libgit2 - security update

from 0, < 0.27.4+dfsg.1-0.1

HIGH7.5In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol…

from 0, < 0.27.4+dfsg.1-0.1

HIGH7.5The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL…

from 0, < 0.25.1+really0.24.6-1

MEDIUM6.8git2 does not verify SSH keys by default

from 0, < 1.1.0+dfsg.1-4+deb11u1

MEDIUM6.5A flaw was found in libgit2 before version 0.27.3.

from 0, < 0.27.4+dfsg.1-0.1

MEDIUM6.5Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an…

from 0, < 0.27.0+dfsg.1-0.6

MEDIUM6.5Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an at…

from 0, < 0.27.0+dfsg.1-0.6

MEDIUM5.9The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to…

from 0, < 0.25.1+really0.24.6-1

MEDIUM5.5The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereferen…

from 0, < 0.24.2-2

MEDIUM5.5The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read)…

from 0, < 0.24.5-1

pkg:Debian/libgit2

✅ Check your installed version

All known vulnerabilities