GHSA-X494-MJ8G-CJ27 gix-pack has multiple DoS vectors: unchecked indexing panics and uncapped OOM allocations from crafted pack data

Summary Multiple denial-of-service vectors in gix-pack: unchecked array indexing causes panics on crafted delta data, and uncapped attacker-controlled size headers enable OOM process kills. Both are triggered by malicious pack data received during clone/fetch. Details Bug 1: Unchecked array...

EUVD-2015-0020

Malware in sbrugna...

SUSE CVE-2015-0838

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

PYSEC-2015-35

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

CVE-2015-0838

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

Dulwich -- Remote code execution

MITRE reports: Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...