556 matches found
UBUNTU-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10130
The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...
UBUNTU-CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
Buffer overflow
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
DEBIAN-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
UBUNTU-CVE-2016-10130
The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...
CVE-2016-10130
The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...
CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
CVE-2016-10130
The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...
CVE-2016-10129
CVE-2016-10129 affects libgit2’s Git Smart Protocol handling: an empty packet line can trigger a NULL pointer dereference, enabling a remote DoS. Public docs confirm the issue and that upstream fixes were implemented in 0.24.6 (and related 0.25.x fixes in other CVEs); affected releases prior to t...
CVE-2016-10130
CVE-2016-10130 affects libgit2: the http_connect path in transports/http.c allows a MITM by clobbering the error variable. Versions before 0.24.6 and 0.25.x before 0.25.1 are vulnerable. Impact: spoofed certificates/possible remote compromise; remediation: upgrade libgit2 to 0.24.6+ (or 0.25.1+ i...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10128
CVE-2016-10128 describes a buffer overflow in the Git Smart Protocol handling of libgit2. Specifically, the vulnerability arises in git_pkt_parse_line within transports/smart_pkt.c, allowing remote attackers to cause unspecified impact via a crafted non-flush packet when using libgit2 versions be...
openSUSE Security Update : libgit2 (openSUSE-2017-262)
This update for libgit2 fixes the several issues. These security issues were fixed : - CVE-2016-10128: Additional sanitization prevent some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer bsc1019036. - CVE-2016-10129: Additional sanitization prevent some edge...
SUSE-SU-2017:0433-1 Security update for libgit2
This update for libgit2 fixes the several issues. These security issues were fixed: - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted bsc1019037. - CVE-2017-5338: When using the custom...
openSUSE Security Update : libgit2 (openSUSE-2017-213)
This update for libgit2 fixes the following issues : - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted bsc1019037. - CVE-2017-5338: When using the custom certificate callback or when using...