Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Libgit2 ProjectLibgit20.24.5

3 matches found

CVE
CVEadded 2017/03/24 3:0 p.m.83 views

CVE-2016-10130

CVE-2016-10130 affects libgit2: the http_connect path in transports/http.c allows a MITM by clobbering the error variable. Versions before 0.24.6 and 0.25.x before 0.25.1 are vulnerable. Impact: spoofed certificates/possible remote compromise; remediation: upgrade libgit2 to 0.24.6+ (or 0.25.1+ i...

5.9CVSS7.1AI score0.00699EPSS
CVE
CVEadded 2017/03/24 3:0 p.m.79 views

CVE-2016-10128

CVE-2016-10128 describes a buffer overflow in the Git Smart Protocol handling of libgit2. Specifically, the vulnerability arises in git_pkt_parse_line within transports/smart_pkt.c, allowing remote attackers to cause unspecified impact via a crafted non-flush packet when using libgit2 versions be...

9.8CVSS9.4AI score0.01918EPSS
CVE
CVEadded 2017/03/24 3:0 p.m.78 views

CVE-2016-10129

CVE-2016-10129 affects libgit2’s Git Smart Protocol handling: an empty packet line can trigger a NULL pointer dereference, enabling a remote DoS. Public docs confirm the issue and that upstream fixes were implemented in 0.24.6 (and related 0.25.x fixes in other CVEs); affected releases prior to t...

7.5CVSS8AI score0.0321EPSS