Astra Linux - уязвимость в libgit2

libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Previous versions of libgit2 required the caller to set the certificatecheck field of the libgit2’s...

Astra Linux - уязвимость в libgit2

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

Fedora 43 : libgit2 (2026-c0124f91bf)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c0124f91bf advisory. Update to version 1.9.2. Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.9.2 Tenable has extracted the preceding description block directly...

EUVD-2016-1320

Malware in sbrugna...

EUVD-2018-7378

Malware in sbrugna...

EUVD-2020-4592

Malware in sbrugna...

EUVD-2016-9417

Malware in sbrugna...

EUVD-2016-1318

Malware in sbrugna...

EUVD-2024-21980

Malicious code in bioql PyPI...

EUVD-2024-21982

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-8098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the index.c:readentry function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial...

TencentOS Server 4: libgit2 (TSSA-2024:0586)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0586 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitindexadd can cause heap corruption that could be leveraged for arbitrary code...

Advisory ROSA-SA-2025-2656

Software: libgit2 1.4.5 OS: ROSA-CHROME packageevrstring: libgit2-1.4.5 CVE-ID: CVE-2024-24575 BDU-ID: 2024-01378 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the src/libgit2/revparse.c component of the C Libgit2 implementation of Git methods is associated with uncontrolled resource consumption...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...

Important: libgit2

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to gitrevparsesingle can cause the function to enter an infinite loop, potentially...

libgit2 Security Vulnerabilities

libgit2 is a portable, C implementation of the Git core development package. A security vulnerability exists in libgit2. An attacker exploiting this vulnerability with a specially crafted "gitindexadd" input could cause heap corruption, which could lead to the execution of arbitrary code...

SUSE CVE-2016-10129

The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service NULL pointer dereference via an empty packet line...

Vulnerability fixed in libgit2

A vulnerability has been fixed in libgit2. libgit2 is a library for providing git functionality to Python and Go applications. An unauthenticated malicious person can exploit the exploit the vulnerability to perform a man-in-the-middle attack because libgit2 does not verify SSH certificates by...

USN-4798-1 libgit2 vulnerabilities

It was discovered that libgit2 mishandled certain malformed git objects. A remote attacker could use this vulnerability to cause a denial of service...