Lucene search
K

6 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. The checkout.c file mishandles equivalent filenames that exist due to NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...

9.8CVSS9.1AI score0.05087EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-4591

Malware in sbrugna...

9.8CVSS9.2AI score0.0511EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2952

Malware in sbrugna...

6.5CVSS6.9AI score0.01848EPSS
Exploits0References7
OSV
OSV
added 2023/01/20 11:36 p.m.4 views

GHSA-M4CH-RFV5-X5G3 git2-rs fails to verify SSH keys by default

The git2 and libgit2-sys crates are Rust wrappers around the libgit2 C library. It was discovered that libgit2 1.5.0 and below did not verify SSH host keys when establishing an SSH connection, exposing users of the library to Man-In-the-Middle attacks. The libgit2 team assigned CVE-2023-22742 to...

6.8CVSS5.9AI score0.0058EPSS
Exploits0References6
Cvelist
Cvelist
added 2018/07/10 2:0 p.m.29 views

CVE-2018-10887

A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in gitdeltaapply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw...

7.9AI score0.02051EPSS
Exploits0References6
OSV
OSV
added 2017/03/24 3:59 p.m.1 views

DEBIAN-CVE-2016-10130

The httpconnect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable...

5.9CVSS6.8AI score0.0171EPSS
Exploits0References1
Rows per page
Query Builder