Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
Typedeb
Namespacedebian
Namelibgit2
Version1.9.2+ds-6
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1uzu-6121-x7bc
vulnerability_id VCID-1uzu-6121-x7bc
summary 
Out-of-bounds Read
The libgit2 library, which is used by pygit2, is vulnerable to an integer overflow which leads to an out-of-bound read. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10887
reference_id
reference_type
scores
0
value 0.00258
scoring_system epss
scoring_elements 0.4918
published_at 2026-04-21T12:55:00Z
1
value 0.00258
scoring_system epss
scoring_elements 0.49212
published_at 2026-04-16T12:55:00Z
2
value 0.00258
scoring_system epss
scoring_elements 0.4921
published_at 2026-04-18T12:55:00Z
3
value 0.00258
scoring_system epss
scoring_elements 0.49104
published_at 2026-04-01T12:55:00Z
4
value 0.00258
scoring_system epss
scoring_elements 0.49136
published_at 2026-04-02T12:55:00Z
5
value 0.00258
scoring_system epss
scoring_elements 0.49165
published_at 2026-04-13T12:55:00Z
6
value 0.00258
scoring_system epss
scoring_elements 0.49118
published_at 2026-04-07T12:55:00Z
7
value 0.00258
scoring_system epss
scoring_elements 0.49172
published_at 2026-04-08T12:55:00Z
8
value 0.00258
scoring_system epss
scoring_elements 0.49169
published_at 2026-04-09T12:55:00Z
9
value 0.00258
scoring_system epss
scoring_elements 0.49186
published_at 2026-04-11T12:55:00Z
10
value 0.00258
scoring_system epss
scoring_elements 0.4916
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10887
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1598021
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1598021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10887
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10887
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
5
reference_url https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
6
reference_url https://github.com/libgit2/libgit2/releases/tag/v0.27.3
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/releases/tag/v0.27.3
7
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
8
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903509
reference_id 903509
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903509
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10887
reference_id CVE-2018-10887
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-10887
fixed_packages
0
url pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
purl pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.27.4%252Bdfsg.1-0.1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2018-10887
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1uzu-6121-x7bc
1
url VCID-2s6d-9bsu-zqaq
vulnerability_id VCID-2s6d-9bsu-zqaq
summary 
Out-of-bounds Read
A flaw was found in libgit2 which is wrapped by the rugged gem. A missing check
in git_delta_apply function in `delta.c` file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10888
reference_id
reference_type
scores
0
value 0.00408
scoring_system epss
scoring_elements 0.61206
published_at 2026-04-21T12:55:00Z
1
value 0.00408
scoring_system epss
scoring_elements 0.61225
published_at 2026-04-18T12:55:00Z
2
value 0.00408
scoring_system epss
scoring_elements 0.61058
published_at 2026-04-01T12:55:00Z
3
value 0.00408
scoring_system epss
scoring_elements 0.61135
published_at 2026-04-02T12:55:00Z
4
value 0.00408
scoring_system epss
scoring_elements 0.61163
published_at 2026-04-04T12:55:00Z
5
value 0.00408
scoring_system epss
scoring_elements 0.61128
published_at 2026-04-07T12:55:00Z
6
value 0.00408
scoring_system epss
scoring_elements 0.61177
published_at 2026-04-08T12:55:00Z
7
value 0.00408
scoring_system epss
scoring_elements 0.61192
published_at 2026-04-09T12:55:00Z
8
value 0.00408
scoring_system epss
scoring_elements 0.61212
published_at 2026-04-11T12:55:00Z
9
value 0.00408
scoring_system epss
scoring_elements 0.61199
published_at 2026-04-12T12:55:00Z
10
value 0.00408
scoring_system epss
scoring_elements 0.6118
published_at 2026-04-13T12:55:00Z
11
value 0.00408
scoring_system epss
scoring_elements 0.6122
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10888
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1598024
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1598024
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10888
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10888
3
reference_url https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
4
reference_url https://github.com/libgit2/libgit2/releases/tag/v0.27.3
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/releases/tag/v0.27.3
5
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html
6
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903508
reference_id 903508
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903508
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10888
reference_id CVE-2018-10888
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-10888
fixed_packages
0
url pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
purl pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.27.4%252Bdfsg.1-0.1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2018-10888
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6d-9bsu-zqaq
2
url VCID-52tu-vs8k-fbfe
vulnerability_id VCID-52tu-vs8k-fbfe
summary libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12278.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12278.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12278
reference_id
reference_type
scores
0
value 0.06011
scoring_system epss
scoring_elements 0.90663
published_at 2026-04-01T12:55:00Z
1
value 0.06011
scoring_system epss
scoring_elements 0.90667
published_at 2026-04-02T12:55:00Z
2
value 0.06011
scoring_system epss
scoring_elements 0.90677
published_at 2026-04-04T12:55:00Z
3
value 0.06011
scoring_system epss
scoring_elements 0.90686
published_at 2026-04-07T12:55:00Z
4
value 0.06011
scoring_system epss
scoring_elements 0.90697
published_at 2026-04-08T12:55:00Z
5
value 0.06011
scoring_system epss
scoring_elements 0.90703
published_at 2026-04-09T12:55:00Z
6
value 0.06011
scoring_system epss
scoring_elements 0.90712
published_at 2026-04-12T12:55:00Z
7
value 0.06011
scoring_system epss
scoring_elements 0.90709
published_at 2026-04-13T12:55:00Z
8
value 0.06011
scoring_system epss
scoring_elements 0.90728
published_at 2026-04-16T12:55:00Z
9
value 0.06011
scoring_system epss
scoring_elements 0.90725
published_at 2026-04-18T12:55:00Z
10
value 0.06011
scoring_system epss
scoring_elements 0.90723
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12278
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12278
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12278
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1829397
reference_id 1829397
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1829397
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12278
reference_id CVE-2020-12278
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-12278
5
reference_url https://usn.ubuntu.com/6678-1/
reference_id USN-6678-1
reference_type
scores
url https://usn.ubuntu.com/6678-1/
fixed_packages
0
url pkg:deb/debian/libgit2@0.28.4%2Bdfsg.1-2?distro=trixie
purl pkg:deb/debian/libgit2@0.28.4%2Bdfsg.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.28.4%252Bdfsg.1-2%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2020-12278, GHSA-5wph-8frv-58vj
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-52tu-vs8k-fbfe
3
url VCID-bejf-17ah-tybt
vulnerability_id VCID-bejf-17ah-tybt
summary Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10128
reference_id
reference_type
scores
0
value 0.02741
scoring_system epss
scoring_elements 0.85995
published_at 2026-04-21T12:55:00Z
1
value 0.02741
scoring_system epss
scoring_elements 0.85982
published_at 2026-04-13T12:55:00Z
2
value 0.02741
scoring_system epss
scoring_elements 0.86
published_at 2026-04-16T12:55:00Z
3
value 0.02741
scoring_system epss
scoring_elements 0.86005
published_at 2026-04-18T12:55:00Z
4
value 0.02741
scoring_system epss
scoring_elements 0.85915
published_at 2026-04-01T12:55:00Z
5
value 0.02741
scoring_system epss
scoring_elements 0.85927
published_at 2026-04-02T12:55:00Z
6
value 0.02741
scoring_system epss
scoring_elements 0.85944
published_at 2026-04-04T12:55:00Z
7
value 0.02741
scoring_system epss
scoring_elements 0.85946
published_at 2026-04-07T12:55:00Z
8
value 0.02741
scoring_system epss
scoring_elements 0.85964
published_at 2026-04-08T12:55:00Z
9
value 0.02741
scoring_system epss
scoring_elements 0.85974
published_at 2026-04-09T12:55:00Z
10
value 0.02741
scoring_system epss
scoring_elements 0.85989
published_at 2026-04-11T12:55:00Z
11
value 0.02741
scoring_system epss
scoring_elements 0.85987
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10128
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10128
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10128
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/4ac39c76c0153d1ee6889a0984c39e97731684b2
7
reference_url https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/66e3774d279672ee51c3b54545a79d20d1ada834
8
reference_url https://libgit2.github.com/security/
reference_id
reference_type
scores
url https://libgit2.github.com/security/
9
reference_url http://www.openwall.com/lists/oss-security/2017/01/10/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/10/5
10
reference_url http://www.openwall.com/lists/oss-security/2017/01/11/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/11/6
11
reference_url http://www.securityfocus.com/bid/95338
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95338
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
reference_id 851406
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
reference_id 860990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
14
reference_url https://security.archlinux.org/ASA-201701-21
reference_id ASA-201701-21
reference_type
scores
url https://security.archlinux.org/ASA-201701-21
15
reference_url https://security.archlinux.org/AVG-131
reference_id AVG-131
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-131
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-10128
reference_id CVE-2016-10128
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-10128
fixed_packages
0
url pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
purl pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.25.1%252Breally0.24.6-1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2016-10128
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bejf-17ah-tybt
4
url VCID-er9h-5wad-buhg
vulnerability_id VCID-er9h-5wad-buhg
summary libgit2: denial of service (DoS) via crafted repository index files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8098.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8098
reference_id
reference_type
scores
0
value 0.00741
scoring_system epss
scoring_elements 0.72894
published_at 2026-04-01T12:55:00Z
1
value 0.00741
scoring_system epss
scoring_elements 0.72902
published_at 2026-04-02T12:55:00Z
2
value 0.00741
scoring_system epss
scoring_elements 0.72922
published_at 2026-04-04T12:55:00Z
3
value 0.00741
scoring_system epss
scoring_elements 0.72897
published_at 2026-04-07T12:55:00Z
4
value 0.00741
scoring_system epss
scoring_elements 0.72935
published_at 2026-04-08T12:55:00Z
5
value 0.00741
scoring_system epss
scoring_elements 0.72949
published_at 2026-04-09T12:55:00Z
6
value 0.00741
scoring_system epss
scoring_elements 0.72974
published_at 2026-04-11T12:55:00Z
7
value 0.00741
scoring_system epss
scoring_elements 0.72956
published_at 2026-04-12T12:55:00Z
8
value 0.00741
scoring_system epss
scoring_elements 0.7295
published_at 2026-04-13T12:55:00Z
9
value 0.00741
scoring_system epss
scoring_elements 0.72991
published_at 2026-04-16T12:55:00Z
10
value 0.00741
scoring_system epss
scoring_elements 0.73001
published_at 2026-04-18T12:55:00Z
11
value 0.00741
scoring_system epss
scoring_elements 0.72994
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8098
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8098
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8098
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1554366
reference_id 1554366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1554366
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892961
reference_id 892961
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892961
fixed_packages
0
url pkg:deb/debian/libgit2@0.27.0%2Bdfsg.1-0.6?distro=trixie
purl pkg:deb/debian/libgit2@0.27.0%2Bdfsg.1-0.6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.27.0%252Bdfsg.1-0.6%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2018-8098
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-er9h-5wad-buhg
5
url VCID-fhjz-7s1y-f7bm
vulnerability_id VCID-fhjz-7s1y-f7bm
summary libgit2: arbitrary code execution due to heap corruption in git_index_add
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24577.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24577.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-24577
reference_id
reference_type
scores
0
value 0.00376
scoring_system epss
scoring_elements 0.59208
published_at 2026-04-21T12:55:00Z
1
value 0.00408
scoring_system epss
scoring_elements 0.61159
published_at 2026-04-02T12:55:00Z
2
value 0.00408
scoring_system epss
scoring_elements 0.61223
published_at 2026-04-12T12:55:00Z
3
value 0.00408
scoring_system epss
scoring_elements 0.61236
published_at 2026-04-11T12:55:00Z
4
value 0.00408
scoring_system epss
scoring_elements 0.61216
published_at 2026-04-09T12:55:00Z
5
value 0.00408
scoring_system epss
scoring_elements 0.61201
published_at 2026-04-08T12:55:00Z
6
value 0.00408
scoring_system epss
scoring_elements 0.61153
published_at 2026-04-07T12:55:00Z
7
value 0.00408
scoring_system epss
scoring_elements 0.61187
published_at 2026-04-04T12:55:00Z
8
value 0.00408
scoring_system epss
scoring_elements 0.6125
published_at 2026-04-18T12:55:00Z
9
value 0.00408
scoring_system epss
scoring_elements 0.61244
published_at 2026-04-16T12:55:00Z
10
value 0.00408
scoring_system epss
scoring_elements 0.61204
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-24577
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24577
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063416
reference_id 1063416
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063416
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263095
reference_id 2263095
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263095
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
reference_id 4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
reference_id 7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
8
reference_url https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8
reference_id GHSA-j2v7-4f6v-gpg8
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://github.com/libgit2/libgit2/security/advisories/GHSA-j2v7-4f6v-gpg8
9
reference_url https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html
reference_id msg00012.html
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.debian.org/debian-lts-announce/2024/02/msg00012.html
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
reference_id S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
11
reference_url https://usn.ubuntu.com/6678-1/
reference_id USN-6678-1
reference_type
scores
url https://usn.ubuntu.com/6678-1/
12
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.6.5
reference_id v1.6.5
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.6.5
13
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.7.2
reference_id v1.7.2
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.7.2
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
reference_id Z6MXOX7I43OWNN7R6M54XLG6U5RXY244
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/
reference_id ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T18:43:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/
fixed_packages
0
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.7.2%2Bds-1?distro=trixie
purl pkg:deb/debian/libgit2@1.7.2%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.7.2%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2024-24577
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhjz-7s1y-f7bm
6
url VCID-j1c4-rux6-wygr
vulnerability_id VCID-j1c4-rux6-wygr
summary Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
references
0
reference_url http://article.gmane.org/gmane.linux.kernel/1853266
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://article.gmane.org/gmane.linux.kernel/1853266
1
reference_url http://git-blame.blogspot.com/2014/12/git-1856-195-205-214-and-221-and.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://git-blame.blogspot.com/2014/12/git-1856-195-205-214-and-221-and.html
2
reference_url http://mercurial.selenic.com/wiki/WhatsNew
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mercurial.selenic.com/wiki/WhatsNew
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9390.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9390.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9390
reference_id
reference_type
scores
0
value 0.77155
scoring_system epss
scoring_elements 0.98972
published_at 2026-04-18T12:55:00Z
1
value 0.77155
scoring_system epss
scoring_elements 0.9897
published_at 2026-04-13T12:55:00Z
2
value 0.77155
scoring_system epss
scoring_elements 0.98968
published_at 2026-04-09T12:55:00Z
3
value 0.77155
scoring_system epss
scoring_elements 0.98967
published_at 2026-04-07T12:55:00Z
4
value 0.77155
scoring_system epss
scoring_elements 0.98965
published_at 2026-04-04T12:55:00Z
5
value 0.77155
scoring_system epss
scoring_elements 0.98962
published_at 2026-04-02T12:55:00Z
6
value 0.77155
scoring_system epss
scoring_elements 0.98961
published_at 2026-04-01T12:55:00Z
7
value 0.77155
scoring_system epss
scoring_elements 0.98973
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9390
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390
6
reference_url http://securitytracker.com/id?1031404
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://securitytracker.com/id?1031404
7
reference_url https://github.com/blog/1938-git-client-vulnerability-announced
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/blog/1938-git-client-vulnerability-announced
8
reference_url https://github.com/blog/1938-vulnerability-announced-update-your-git-clients
reference_id
reference_type
scores
url https://github.com/blog/1938-vulnerability-announced-update-your-git-clients
9
reference_url https://github.com/libgit2/libgit2/commit/928429c5c96a701bcbcafacb2421a82602b36915
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/libgit2/libgit2/commit/928429c5c96a701bcbcafacb2421a82602b36915
10
reference_url https://github.com/libgit2/libgit2/releases/tag/v0.21.3
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/releases/tag/v0.21.3
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2020-217.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2020-217.yaml
12
reference_url https://libgit2.org/security
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://libgit2.org/security
13
reference_url https://libgit2.org/security/
reference_id
reference_type
scores
url https://libgit2.org/security/
14
reference_url https://news.ycombinator.com/item?id=8769667
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://news.ycombinator.com/item?id=8769667
15
reference_url https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3
16
reference_url http://support.apple.com/kb/HT204147
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://support.apple.com/kb/HT204147
17
reference_url https://web.archive.org/web/20211204220400/https://securitytracker.com/id?1031404
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211204220400/https://securitytracker.com/id?1031404
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1175960
reference_id 1175960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1175960
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773640
reference_id 773640
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773640
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774048
reference_id 774048
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774048
21
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774050
reference_id 774050
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774050
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9390
reference_id CVE-2014-9390
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9390
23
reference_url https://github.com/advisories/GHSA-6vvc-c2m3-cjf3
reference_id GHSA-6vvc-c2m3-cjf3
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6vvc-c2m3-cjf3
24
reference_url https://security.gentoo.org/glsa/201509-06
reference_id GLSA-201509-06
reference_type
scores
url https://security.gentoo.org/glsa/201509-06
25
reference_url https://usn.ubuntu.com/2470-1/
reference_id USN-2470-1
reference_type
scores
url https://usn.ubuntu.com/2470-1/
fixed_packages
0
url pkg:deb/debian/libgit2@0.21.3-1?distro=trixie
purl pkg:deb/debian/libgit2@0.21.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.21.3-1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2014-9390, GHSA-6vvc-c2m3-cjf3, PYSEC-2020-217
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j1c4-rux6-wygr
7
url VCID-k211-ta2v-8fb2
vulnerability_id VCID-k211-ta2v-8fb2
summary libgit2: potential infiniate loop condition in git_revparse_single
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24575.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24575.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-24575
reference_id
reference_type
scores
0
value 0.0182
scoring_system epss
scoring_elements 0.8291
published_at 2026-04-21T12:55:00Z
1
value 0.01974
scoring_system epss
scoring_elements 0.83498
published_at 2026-04-02T12:55:00Z
2
value 0.01974
scoring_system epss
scoring_elements 0.83584
published_at 2026-04-16T12:55:00Z
3
value 0.01974
scoring_system epss
scoring_elements 0.83551
published_at 2026-04-13T12:55:00Z
4
value 0.01974
scoring_system epss
scoring_elements 0.83555
published_at 2026-04-12T12:55:00Z
5
value 0.01974
scoring_system epss
scoring_elements 0.83561
published_at 2026-04-11T12:55:00Z
6
value 0.01974
scoring_system epss
scoring_elements 0.83546
published_at 2026-04-09T12:55:00Z
7
value 0.01974
scoring_system epss
scoring_elements 0.83537
published_at 2026-04-08T12:55:00Z
8
value 0.01974
scoring_system epss
scoring_elements 0.83513
published_at 2026-04-07T12:55:00Z
9
value 0.01974
scoring_system epss
scoring_elements 0.83512
published_at 2026-04-04T12:55:00Z
10
value 0.01974
scoring_system epss
scoring_elements 0.83585
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-24575
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063415
reference_id 1063415
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063415
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263092
reference_id 2263092
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263092
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
reference_id 4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4M3P7WIEPXNRLBINQRJFXUSTNKBCHYC7/
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
reference_id 7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7CNDW3PF6NHO7OXNM5GN6WSSGAMA7MZE/
7
reference_url https://github.com/libgit2/libgit2/commit/add2dabb3c16aa49b33904dcdc07cd915efc12fa
reference_id add2dabb3c16aa49b33904dcdc07cd915efc12fa
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://github.com/libgit2/libgit2/commit/add2dabb3c16aa49b33904dcdc07cd915efc12fa
8
reference_url https://github.com/libgit2/libgit2/security/advisories/GHSA-54mf-x2rh-hq9v
reference_id GHSA-54mf-x2rh-hq9v
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://github.com/libgit2/libgit2/security/advisories/GHSA-54mf-x2rh-hq9v
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
reference_id S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S635BGHHZUMRPI7QOXOJ45QHDD5FFZ3S/
10
reference_url https://usn.ubuntu.com/6678-1/
reference_id USN-6678-1
reference_type
scores
url https://usn.ubuntu.com/6678-1/
11
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.6.5
reference_id v1.6.5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.6.5
12
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.7.2
reference_id v1.7.2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.7.2
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
reference_id Z6MXOX7I43OWNN7R6M54XLG6U5RXY244
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6MXOX7I43OWNN7R6M54XLG6U5RXY244/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/
reference_id ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T18:43:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGNHOEE2RBLH7KCJUPUNYG4CDTW4HTBT/
fixed_packages
0
url pkg:deb/debian/libgit2@0?distro=trixie
purl pkg:deb/debian/libgit2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.7.2%2Bds-1?distro=trixie
purl pkg:deb/debian/libgit2@1.7.2%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.7.2%252Bds-1%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
5
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2024-24575
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k211-ta2v-8fb2
8
url VCID-mpm1-9224-6kgu
vulnerability_id VCID-mpm1-9224-6kgu
summary libgit2: denial of service (DoS) via crafted repository index files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8099.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8099.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8099
reference_id
reference_type
scores
0
value 0.01182
scoring_system epss
scoring_elements 0.78706
published_at 2026-04-01T12:55:00Z
1
value 0.01182
scoring_system epss
scoring_elements 0.78713
published_at 2026-04-02T12:55:00Z
2
value 0.01182
scoring_system epss
scoring_elements 0.78744
published_at 2026-04-04T12:55:00Z
3
value 0.01182
scoring_system epss
scoring_elements 0.78726
published_at 2026-04-07T12:55:00Z
4
value 0.01182
scoring_system epss
scoring_elements 0.78752
published_at 2026-04-08T12:55:00Z
5
value 0.01182
scoring_system epss
scoring_elements 0.78758
published_at 2026-04-09T12:55:00Z
6
value 0.01182
scoring_system epss
scoring_elements 0.78782
published_at 2026-04-11T12:55:00Z
7
value 0.01182
scoring_system epss
scoring_elements 0.78765
published_at 2026-04-12T12:55:00Z
8
value 0.01182
scoring_system epss
scoring_elements 0.78756
published_at 2026-04-13T12:55:00Z
9
value 0.01182
scoring_system epss
scoring_elements 0.78785
published_at 2026-04-16T12:55:00Z
10
value 0.01182
scoring_system epss
scoring_elements 0.78783
published_at 2026-04-18T12:55:00Z
11
value 0.01182
scoring_system epss
scoring_elements 0.78778
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8099
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8099
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1554366
reference_id 1554366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1554366
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892962
reference_id 892962
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892962
fixed_packages
0
url pkg:deb/debian/libgit2@0.27.0%2Bdfsg.1-0.6?distro=trixie
purl pkg:deb/debian/libgit2@0.27.0%2Bdfsg.1-0.6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.27.0%252Bdfsg.1-0.6%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2018-8099
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mpm1-9224-6kgu
9
url VCID-nq88-cr6a-17fw
vulnerability_id VCID-nq88-cr6a-17fw
summary 
Out-of-bounds Read
In the library libgit2, which is used by pygit2, a remote attacker can send a crafted smart-protocol `ng` packet that lacks a `\0` byte to trigger an out-of-bounds read leading to a DoS.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15501.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15501.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15501
reference_id
reference_type
scores
0
value 0.00447
scoring_system epss
scoring_elements 0.63405
published_at 2026-04-01T12:55:00Z
1
value 0.00447
scoring_system epss
scoring_elements 0.63464
published_at 2026-04-02T12:55:00Z
2
value 0.00447
scoring_system epss
scoring_elements 0.63491
published_at 2026-04-04T12:55:00Z
3
value 0.01621
scoring_system epss
scoring_elements 0.81847
published_at 2026-04-11T12:55:00Z
4
value 0.01621
scoring_system epss
scoring_elements 0.81835
published_at 2026-04-12T12:55:00Z
5
value 0.01621
scoring_system epss
scoring_elements 0.81829
published_at 2026-04-13T12:55:00Z
6
value 0.01621
scoring_system epss
scoring_elements 0.81866
published_at 2026-04-16T12:55:00Z
7
value 0.01621
scoring_system epss
scoring_elements 0.81867
published_at 2026-04-18T12:55:00Z
8
value 0.01621
scoring_system epss
scoring_elements 0.81869
published_at 2026-04-21T12:55:00Z
9
value 0.01621
scoring_system epss
scoring_elements 0.81795
published_at 2026-04-07T12:55:00Z
10
value 0.01621
scoring_system epss
scoring_elements 0.81822
published_at 2026-04-08T12:55:00Z
11
value 0.01621
scoring_system epss
scoring_elements 0.81828
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15501
2
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1104641
reference_id
reference_type
scores
url https://bugzilla.suse.com/show_bug.cgi?id=1104641
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15501
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15501
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1615585
reference_id 1615585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1615585
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-15501
reference_id CVE-2018-15501
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-15501
fixed_packages
0
url pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
purl pkg:deb/debian/libgit2@0.27.4%2Bdfsg.1-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.27.4%252Bdfsg.1-0.1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2018-15501
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nq88-cr6a-17fw
10
url VCID-rvbe-y541-nyh7
vulnerability_id VCID-rvbe-y541-nyh7
summary The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10129
reference_id
reference_type
scores
0
value 0.04784
scoring_system epss
scoring_elements 0.89483
published_at 2026-04-21T12:55:00Z
1
value 0.04784
scoring_system epss
scoring_elements 0.89476
published_at 2026-04-12T12:55:00Z
2
value 0.04784
scoring_system epss
scoring_elements 0.89471
published_at 2026-04-13T12:55:00Z
3
value 0.04784
scoring_system epss
scoring_elements 0.89485
published_at 2026-04-18T12:55:00Z
4
value 0.04784
scoring_system epss
scoring_elements 0.89432
published_at 2026-04-01T12:55:00Z
5
value 0.04784
scoring_system epss
scoring_elements 0.89436
published_at 2026-04-02T12:55:00Z
6
value 0.04784
scoring_system epss
scoring_elements 0.89447
published_at 2026-04-04T12:55:00Z
7
value 0.04784
scoring_system epss
scoring_elements 0.89449
published_at 2026-04-07T12:55:00Z
8
value 0.04784
scoring_system epss
scoring_elements 0.89465
published_at 2026-04-08T12:55:00Z
9
value 0.04784
scoring_system epss
scoring_elements 0.89469
published_at 2026-04-09T12:55:00Z
10
value 0.04784
scoring_system epss
scoring_elements 0.89478
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10129
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10129
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/2fdef641fd0dd2828bd948234ae86de75221a11a
7
reference_url https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/84d30d569ada986f3eef527cbdb932643c2dd037
8
reference_url https://libgit2.github.com/security/
reference_id
reference_type
scores
url https://libgit2.github.com/security/
9
reference_url http://www.openwall.com/lists/oss-security/2017/01/10/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/10/5
10
reference_url http://www.openwall.com/lists/oss-security/2017/01/11/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/11/6
11
reference_url http://www.securityfocus.com/bid/95339
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95339
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
reference_id 851406
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
reference_id 860990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
14
reference_url https://security.archlinux.org/ASA-201701-21
reference_id ASA-201701-21
reference_type
scores
url https://security.archlinux.org/ASA-201701-21
15
reference_url https://security.archlinux.org/AVG-131
reference_id AVG-131
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-131
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-10129
reference_id CVE-2016-10129
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-10129
fixed_packages
0
url pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
purl pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.25.1%252Breally0.24.6-1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2016-10129
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rvbe-y541-nyh7
11
url VCID-t2ph-v249-a7g9
vulnerability_id VCID-t2ph-v249-a7g9
summary 
Improper Verification of Cryptographic Signature
libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2's `git_remote_callbacks` structure - if a certificate check callback is not set, libgit2 does not perform any certificate checking. This means that by default - without configuring a certificate check callback, clients will not perform validation on the server SSH keys and may be subject to a man-in-the-middle attack. Users are encouraged to upgrade to v1.4.5 or v1.5.1. Users unable to upgrade should ensure that all relevant certificates are manually checked.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22742.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22742.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22742
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.31147
published_at 2026-04-02T12:55:00Z
1
value 0.00121
scoring_system epss
scoring_elements 0.30998
published_at 2026-04-21T12:55:00Z
2
value 0.00121
scoring_system epss
scoring_elements 0.31194
published_at 2026-04-04T12:55:00Z
3
value 0.00121
scoring_system epss
scoring_elements 0.31014
published_at 2026-04-07T12:55:00Z
4
value 0.00121
scoring_system epss
scoring_elements 0.31069
published_at 2026-04-08T12:55:00Z
5
value 0.00121
scoring_system epss
scoring_elements 0.31099
published_at 2026-04-09T12:55:00Z
6
value 0.00121
scoring_system epss
scoring_elements 0.31106
published_at 2026-04-11T12:55:00Z
7
value 0.00121
scoring_system epss
scoring_elements 0.31062
published_at 2026-04-12T12:55:00Z
8
value 0.00121
scoring_system epss
scoring_elements 0.31017
published_at 2026-04-13T12:55:00Z
9
value 0.00121
scoring_system epss
scoring_elements 0.31049
published_at 2026-04-16T12:55:00Z
10
value 0.00121
scoring_system epss
scoring_elements 0.3103
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22742
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22742
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/libgit2/libgit2/commit/42e5db98b963ae503229c63e44e06e439df50e56
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://github.com/libgit2/libgit2/commit/42e5db98b963ae503229c63e44e06e439df50e56
5
reference_url https://github.com/libgit2/libgit2/commit/cd6f679af401eda1f172402006ef8265f8bd58ea
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://github.com/libgit2/libgit2/commit/cd6f679af401eda1f172402006ef8265f8bd58ea
6
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.4.5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.4.5
7
reference_url https://github.com/libgit2/libgit2/releases/tag/v1.5.1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://github.com/libgit2/libgit2/releases/tag/v1.5.1
8
reference_url https://www.libssh2.org
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://www.libssh2.org
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029368
reference_id 1029368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029368
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2163614
reference_id 2163614
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2163614
11
reference_url http://www.openwall.com/lists/oss-security/2023/11/06/5
reference_id 5
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url http://www.openwall.com/lists/oss-security/2023/11/06/5
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-22742
reference_id CVE-2023-22742
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-22742
13
reference_url https://github.com/libgit2/libgit2/security/advisories/GHSA-8643-3wh5-rmjq
reference_id GHSA-8643-3wh5-rmjq
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T20:59:36Z/
url https://github.com/libgit2/libgit2/security/advisories/GHSA-8643-3wh5-rmjq
14
reference_url https://security.gentoo.org/glsa/202411-05
reference_id GLSA-202411-05
reference_type
scores
url https://security.gentoo.org/glsa/202411-05
15
reference_url https://usn.ubuntu.com/6678-1/
reference_id USN-6678-1
reference_type
scores
url https://usn.ubuntu.com/6678-1/
fixed_packages
0
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
5
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2023-22742, GHSA-8643-3wh5-rmjq
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ph-v249-a7g9
12
url VCID-tkgy-cec8-dfdy
vulnerability_id VCID-tkgy-cec8-dfdy
summary The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8569
reference_id
reference_type
scores
0
value 0.00554
scoring_system epss
scoring_elements 0.68099
published_at 2026-04-21T12:55:00Z
1
value 0.00554
scoring_system epss
scoring_elements 0.68007
published_at 2026-04-01T12:55:00Z
2
value 0.00554
scoring_system epss
scoring_elements 0.68028
published_at 2026-04-02T12:55:00Z
3
value 0.00554
scoring_system epss
scoring_elements 0.68047
published_at 2026-04-04T12:55:00Z
4
value 0.00554
scoring_system epss
scoring_elements 0.68024
published_at 2026-04-07T12:55:00Z
5
value 0.00554
scoring_system epss
scoring_elements 0.68076
published_at 2026-04-08T12:55:00Z
6
value 0.00554
scoring_system epss
scoring_elements 0.6809
published_at 2026-04-09T12:55:00Z
7
value 0.00554
scoring_system epss
scoring_elements 0.68114
published_at 2026-04-11T12:55:00Z
8
value 0.00554
scoring_system epss
scoring_elements 0.68101
published_at 2026-04-12T12:55:00Z
9
value 0.00554
scoring_system epss
scoring_elements 0.68068
published_at 2026-04-13T12:55:00Z
10
value 0.00554
scoring_system epss
scoring_elements 0.68104
published_at 2026-04-16T12:55:00Z
11
value 0.00554
scoring_system epss
scoring_elements 0.68117
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8569
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8569
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8569
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840227
reference_id 840227
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840227
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860989
reference_id 860989
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860989
4
reference_url https://security.archlinux.org/ASA-201611-17
reference_id ASA-201611-17
reference_type
scores
url https://security.archlinux.org/ASA-201611-17
5
reference_url https://security.archlinux.org/AVG-45
reference_id AVG-45
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-45
6
reference_url https://usn.ubuntu.com/USN-4798-1/
reference_id USN-USN-4798-1
reference_type
scores
url https://usn.ubuntu.com/USN-4798-1/
fixed_packages
0
url pkg:deb/debian/libgit2@0.24.2-2?distro=trixie
purl pkg:deb/debian/libgit2@0.24.2-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.24.2-2%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2016-8569
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkgy-cec8-dfdy
13
url VCID-tmtv-wcxy-sqht
vulnerability_id VCID-tmtv-wcxy-sqht
summary libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12279.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12279.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12279
reference_id
reference_type
scores
0
value 0.05164
scoring_system epss
scoring_elements 0.89855
published_at 2026-04-01T12:55:00Z
1
value 0.05164
scoring_system epss
scoring_elements 0.89858
published_at 2026-04-02T12:55:00Z
2
value 0.05164
scoring_system epss
scoring_elements 0.89871
published_at 2026-04-04T12:55:00Z
3
value 0.05164
scoring_system epss
scoring_elements 0.89877
published_at 2026-04-07T12:55:00Z
4
value 0.05164
scoring_system epss
scoring_elements 0.89893
published_at 2026-04-08T12:55:00Z
5
value 0.05164
scoring_system epss
scoring_elements 0.89898
published_at 2026-04-09T12:55:00Z
6
value 0.05164
scoring_system epss
scoring_elements 0.89905
published_at 2026-04-21T12:55:00Z
7
value 0.05164
scoring_system epss
scoring_elements 0.89903
published_at 2026-04-12T12:55:00Z
8
value 0.05164
scoring_system epss
scoring_elements 0.89896
published_at 2026-04-13T12:55:00Z
9
value 0.05164
scoring_system epss
scoring_elements 0.8991
published_at 2026-04-16T12:55:00Z
10
value 0.05164
scoring_system epss
scoring_elements 0.89911
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12279
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12279
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12279
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1829407
reference_id 1829407
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1829407
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12279
reference_id CVE-2020-12279
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2020-12279
5
reference_url https://usn.ubuntu.com/6678-1/
reference_id USN-6678-1
reference_type
scores
url https://usn.ubuntu.com/6678-1/
fixed_packages
0
url pkg:deb/debian/libgit2@0.28.4%2Bdfsg.1-2?distro=trixie
purl pkg:deb/debian/libgit2@0.28.4%2Bdfsg.1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.28.4%252Bdfsg.1-2%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2020-12279, GHSA-589j-mmg9-733v
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmtv-wcxy-sqht
14
url VCID-xab7-k14p-uqbx
vulnerability_id VCID-xab7-k14p-uqbx
summary The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00030.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00036.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2017-02/msg00072.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10130
reference_id
reference_type
scores
0
value 0.01054
scoring_system epss
scoring_elements 0.7761
published_at 2026-04-21T12:55:00Z
1
value 0.01054
scoring_system epss
scoring_elements 0.7758
published_at 2026-04-13T12:55:00Z
2
value 0.01054
scoring_system epss
scoring_elements 0.77617
published_at 2026-04-16T12:55:00Z
3
value 0.01054
scoring_system epss
scoring_elements 0.77616
published_at 2026-04-18T12:55:00Z
4
value 0.01054
scoring_system epss
scoring_elements 0.7752
published_at 2026-04-01T12:55:00Z
5
value 0.01054
scoring_system epss
scoring_elements 0.77525
published_at 2026-04-02T12:55:00Z
6
value 0.01054
scoring_system epss
scoring_elements 0.77551
published_at 2026-04-04T12:55:00Z
7
value 0.01054
scoring_system epss
scoring_elements 0.77531
published_at 2026-04-07T12:55:00Z
8
value 0.01054
scoring_system epss
scoring_elements 0.77562
published_at 2026-04-08T12:55:00Z
9
value 0.01054
scoring_system epss
scoring_elements 0.7757
published_at 2026-04-09T12:55:00Z
10
value 0.01054
scoring_system epss
scoring_elements 0.77596
published_at 2026-04-11T12:55:00Z
11
value 0.01054
scoring_system epss
scoring_elements 0.77581
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10130
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10130
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/9a64e62f0f20c9cf9b2e1609f037060eb2d8eb22
7
reference_url https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211
reference_id
reference_type
scores
url https://github.com/libgit2/libgit2/commit/b5c6a1b407b7f8b952bded2789593b68b1876211
8
reference_url https://libgit2.github.com/security/
reference_id
reference_type
scores
url https://libgit2.github.com/security/
9
reference_url http://www.openwall.com/lists/oss-security/2017/01/10/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/10/5
10
reference_url http://www.openwall.com/lists/oss-security/2017/01/11/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/01/11/6
11
reference_url http://www.securityfocus.com/bid/95359
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95359
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
reference_id 851406
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851406
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
reference_id 860990
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860990
14
reference_url https://security.archlinux.org/ASA-201701-21
reference_id ASA-201701-21
reference_type
scores
url https://security.archlinux.org/ASA-201701-21
15
reference_url https://security.archlinux.org/AVG-131
reference_id AVG-131
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-131
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc1:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgit2_project:libgit2:0.25.0:rc2:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-10130
reference_id CVE-2016-10130
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-10130
fixed_packages
0
url pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
purl pkg:deb/debian/libgit2@0.25.1%2Breally0.24.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.25.1%252Breally0.24.6-1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2016-10130
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xab7-k14p-uqbx
15
url VCID-yq57-g8j1-kfeu
vulnerability_id VCID-yq57-g8j1-kfeu
summary The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8568
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64574
published_at 2026-04-21T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64462
published_at 2026-04-01T12:55:00Z
2
value 0.00469
scoring_system epss
scoring_elements 0.64516
published_at 2026-04-02T12:55:00Z
3
value 0.00469
scoring_system epss
scoring_elements 0.64545
published_at 2026-04-04T12:55:00Z
4
value 0.00469
scoring_system epss
scoring_elements 0.64503
published_at 2026-04-07T12:55:00Z
5
value 0.00469
scoring_system epss
scoring_elements 0.64552
published_at 2026-04-08T12:55:00Z
6
value 0.00469
scoring_system epss
scoring_elements 0.64568
published_at 2026-04-09T12:55:00Z
7
value 0.00469
scoring_system epss
scoring_elements 0.64584
published_at 2026-04-11T12:55:00Z
8
value 0.00469
scoring_system epss
scoring_elements 0.64571
published_at 2026-04-12T12:55:00Z
9
value 0.00469
scoring_system epss
scoring_elements 0.64543
published_at 2026-04-13T12:55:00Z
10
value 0.00469
scoring_system epss
scoring_elements 0.64577
published_at 2026-04-16T12:55:00Z
11
value 0.00469
scoring_system epss
scoring_elements 0.64588
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8568
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8568
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8568
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840227
reference_id 840227
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840227
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860989
reference_id 860989
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860989
4
reference_url https://security.archlinux.org/ASA-201611-17
reference_id ASA-201611-17
reference_type
scores
url https://security.archlinux.org/ASA-201611-17
5
reference_url https://security.archlinux.org/AVG-45
reference_id AVG-45
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-45
6
reference_url https://usn.ubuntu.com/USN-4798-1/
reference_id USN-USN-4798-1
reference_type
scores
url https://usn.ubuntu.com/USN-4798-1/
fixed_packages
0
url pkg:deb/debian/libgit2@0.24.5-1?distro=trixie
purl pkg:deb/debian/libgit2@0.24.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@0.24.5-1%3Fdistro=trixie
1
url pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libgit2@1.1.0%2Bdfsg.1-4%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.1.0%252Bdfsg.1-4%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libgit2@1.5.1%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.5.1%252Bds-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
purl pkg:deb/debian/libgit2@1.9.0%2Bds-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.0%252Bds-2%3Fdistro=trixie
4
url pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
purl pkg:deb/debian/libgit2@1.9.2%2Bds-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie
aliases CVE-2016-8568
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yq57-g8j1-kfeu
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libgit2@1.9.2%252Bds-6%3Fdistro=trixie