Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/dulwich@0.8.3
purl pkg:pypi/dulwich@0.8.3
Next non-vulnerable version 0.18.5
Latest non-vulnerable version 0.18.5
Risk 4.5
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-74n4-53mc-2uc3
Aliases:
CVE-2014-9706
GHSA-4j5j-58j7-6c3w
PYSEC-2015-34
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
0.9.9
Affected by 1 other vulnerability.
VCID-duga-b9sn-b7fc
Aliases:
CVE-2015-0838
GHSA-vjjf-3rvg-gv3v
PYSEC-2015-35
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
0.9.9
Affected by 1 other vulnerability.
VCID-wegc-1zcu-qygw
Aliases:
CVE-2017-16228
GHSA-cwwh-4382-6fwr
PYSEC-2017-12
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
0.18.5
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-29T20:32:45.895801+00:00 GitLab Importer Affected by VCID-duga-b9sn-b7fc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2015-0838.yml 38.5.0
2026-04-29T20:32:40.274912+00:00 GitLab Importer Affected by VCID-74n4-53mc-2uc3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2014-9706.yml 38.5.0
2026-04-29T20:27:09.725964+00:00 GitLab Importer Affected by VCID-wegc-1zcu-qygw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2017-16228.yml 38.5.0
2026-04-16T21:53:08.640911+00:00 GitLab Importer Affected by VCID-duga-b9sn-b7fc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2015-0838.yml 38.4.0
2026-04-16T21:53:03.123463+00:00 GitLab Importer Affected by VCID-74n4-53mc-2uc3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2014-9706.yml 38.4.0
2026-04-16T21:47:24.967350+00:00 GitLab Importer Affected by VCID-wegc-1zcu-qygw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2017-16228.yml 38.4.0
2026-04-11T23:08:42.603287+00:00 GitLab Importer Affected by VCID-duga-b9sn-b7fc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2015-0838.yml 38.3.0
2026-04-11T23:08:37.395885+00:00 GitLab Importer Affected by VCID-74n4-53mc-2uc3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2014-9706.yml 38.3.0
2026-04-11T23:03:14.977653+00:00 GitLab Importer Affected by VCID-wegc-1zcu-qygw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2017-16228.yml 38.3.0
2026-04-02T23:17:18.985727+00:00 GitLab Importer Affected by VCID-duga-b9sn-b7fc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2015-0838.yml 38.1.0
2026-04-02T23:17:13.740179+00:00 GitLab Importer Affected by VCID-74n4-53mc-2uc3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2014-9706.yml 38.1.0
2026-04-02T23:11:38.174651+00:00 GitLab Importer Affected by VCID-wegc-1zcu-qygw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2017-16228.yml 38.1.0
2026-04-01T17:37:30.002121+00:00 GitLab Importer Affected by VCID-duga-b9sn-b7fc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2015-0838.yml 38.0.0
2026-04-01T17:37:23.784600+00:00 GitLab Importer Affected by VCID-74n4-53mc-2uc3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2014-9706.yml 38.0.0
2026-04-01T17:31:31.245921+00:00 GitLab Importer Affected by VCID-wegc-1zcu-qygw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dulwich/CVE-2017-16228.yml 38.0.0
2026-04-01T15:00:05.345492+00:00 PyPI Importer Affected by VCID-wegc-1zcu-qygw https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T14:59:19.685908+00:00 PyPI Importer Affected by VCID-74n4-53mc-2uc3 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T14:59:19.230882+00:00 PyPI Importer Affected by VCID-duga-b9sn-b7fc https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T12:41:37.572600+00:00 Pypa Importer Affected by VCID-wegc-1zcu-qygw https://github.com/pypa/advisory-database/blob/main/vulns/dulwich/PYSEC-2017-12.yaml 38.0.0
2026-04-01T12:41:13.804110+00:00 Pypa Importer Affected by VCID-74n4-53mc-2uc3 https://github.com/pypa/advisory-database/blob/main/vulns/dulwich/PYSEC-2015-34.yaml 38.0.0
2026-04-01T12:41:13.720288+00:00 Pypa Importer Affected by VCID-duga-b9sn-b7fc https://github.com/pypa/advisory-database/blob/main/vulns/dulwich/PYSEC-2015-35.yaml 38.0.0