21 matches found
PT-2026-51628
Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description Gogs contains an authorization bypass in its Git Smart HTTP handler for repository RPCs. The system determines the authorization policy based on the client-supplied service query parameter rathe...
EUVD-2016-1319
Malware in sbrugna...
EUVD-2016-1318
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-10128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1...
SUSE CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
SUSE CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
Updated libgit2 packages fix security vulnerabilities
Read out-of-bounds in gitoidnfmt CVE-2016-8568. DoS using a null pointer dereference in gitcommitmessage CVE-2016-8569. Insufficient sanitization allows some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer CVE-2016-10128, CVE-2016-10129...
MGASA-2017-0319 Updated libgit2 packages fix security vulnerabilities
Read out-of-bounds in gitoidnfmt CVE-2016-8568. DoS using a null pointer dereference in gitcommitmessage CVE-2016-8569. Insufficient sanitization allows some edge cases in the Git Smart Protocol which can lead to reading outside of a buffer CVE-2016-10128, CVE-2016-10129...
ALPINE-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
DEBIAN-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
ALPINE-CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
UBUNTU-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
UBUNTU-CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
CVE-2016-10128
Buffer overflow in the gitpktparseline function in transports/smartpkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...
openSUSE Security Update : libgit2 (openSUSE-2017-213)
This update for libgit2 fixes the following issues : - CVE-2016-10130: When using the custom certificate callback or when using pygit2 or git2go a attacker could have caused an invalid certificate to be accepted bsc1019037. - CVE-2017-5338: When using the custom certificate callback or when using...