Lucene search
+L

6 matches found

github
github
added 2026/06/08 11:43 p.m.17 views

Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Impact An uncontrolled-resource-consumption memory exhaustion denial-of-service vulnerability CWE-400 / CWE-789. A client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack / applydelta, it would...

5.7CVSS5.5AI score0.00188EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/05/29 7:45 p.m.11 views

GHSA-HG88-V3CW-3QRH Sparkle: Binary delta apply intermediate-symlink traversal in malicious .delta

Summary Binary delta apply intermediate-symlink traversal in malicious .delta Autoupdate/SUBinaryDeltaApply.m enforces relativePath.pathComponents containsObject:@".." and rejects writes whose immediate parent directory IS itself a symbolic link, but does not detect symlinks deeper in the relativ...

6.1CVSS5.8AI score0.00029EPSS
Exploits0References2
nvd
nvd
added 2010/11/05 5:0 p.m.12 views

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

6.9CVSS6.4AI score0.00392EPSS
Exploits0References18
osv
osv
added 2010/11/05 5:0 p.m.16 views

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

6.6AI score
Exploits0References19
cvelist
cvelist
added 2010/11/05 4:28 p.m.32 views

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

6.2AI score0.00392EPSS
Exploits0References18
alpinelinux
alpinelinux
added 2010/11/05 4:28 p.m.92 views

CVE-2010-3846

Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...

6.9CVSS6.4AI score0.00392EPSS
Exploits0
Rows per page
Query Builder