556 matches found
CVE-2014-9390
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
DEBIAN-CVE-2014-9390
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
CVE-2014-9390
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
Command injection
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
PYSEC-2020-217
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
CVE-2014-9390
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
CVE-2014-9390
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...
Fedora Update for libgit2 FEDORA-2019-9c3d054f39
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[ASA-201912-5] libgit2: arbitrary code execution
Arch Linux Security Advisory ASA-201912-5 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 Package : libgit2 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1075 Summa...
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
Fedora 31 : libgit2 (2019-9c3d054f39)
This is a security release fixing the following issues : - CVE-2019-1348: the fast-import stream command 'feature export-marks=path' allows writing to arbitrary file paths. As libgit2 does not offer any interface for fast-import, it is not susceptible to this vulnerability. - CVE-2019-1349: by...
MGASA-2019-0391 Updated libgit2 packages fix security vulnerabilities
libgit2 has been updated to version 0.28.4 to fix several security issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. CVE-2019-1348: the fast-import stream command "feature export-marks=path"...
Updated libgit2 packages fix security vulnerabilities
libgit2 has been updated to version 0.28.4 to fix several security issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. CVE-2019-1348: the fast-import stream command "feature export-marks=path"...
PT-2019-6259 · Libgit2 +3 · Libgit2 +3
Name of the Vulnerable Software and Affected Versions: libgit2 versions prior to 0.28.4 libgit2 versions 0.9x prior to 0.99.0 Description: The issue is related to the path.c component of libgit2, which mishandles equivalent filenames due to NTFS Alternate Data Streams. This may allow a remote...
PT-2019-6258 · Libgit2 +3 · Libgit2 +3
Name of the Vulnerable Software and Affected Versions: libgit2 versions prior to 0.28.4 libgit2 versions 0.9x prior to 0.99.0 Description: The issue is related to the checkout.c component of libgit2, which mishandles equivalent filenames due to NTFS short names. This may allow a remote attacker t...
libgit2:patch_parse_fuzzer: Heap-buffer-overflow in git_buf_decode_base85
Project: https://github.com/libgit2/libgit2.git Detailed Report: https://oss-fuzz.com/testcase?key=4789150477975552 Project: libgit2 Fuzzing Engine: libFuzzer Fuzz Target: patchparsefuzzer Job Type: libfuzzerasanlibgit2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
libgit2:patch_parse_fuzzer: Heap-buffer-overflow in stdalloc__strdup
Project: https://github.com/libgit2/libgit2.git Detailed Report: https://oss-fuzz.com/testcase?key=5645975162454016 Project: libgit2 Fuzzing Engine: afl Fuzz Target: patchparsefuzzer Job Type: aflasanlibgit2 Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address: 0x611000365d42...
FreeBSD : Libgit2 -- multiple vulnerabilities (d51b52cf-c199-11e9-b13f-001b217b3468)
The Git community reports : A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. The ProgramData configuration file is always read for compatibility with Git for Windows and Portable Git installations...
CVE-2018-15501
In ngpkt in transports/smartpkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-protocol "ng" packet that lacks a '\0' byte to trigger an out-of-bounds read that leads to DoS...
CVE-2018-8098
Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service out-of-bounds read via a crafted repository index file...