Search for packages
| purl | pkg:pypi/pygit2@0.20.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1uzu-6121-x7bc
Aliases: CVE-2018-10887 |
Out-of-bounds Read The libgit2 library, which is used by pygit2, is vulnerable to an integer overflow which leads to an out-of-bound read. An attacker may use this flaw to leak memory addresses or cause a Denial of Service. |
Affected by 2 other vulnerabilities. |
|
VCID-2s6d-9bsu-zqaq
Aliases: CVE-2018-10888 |
Out-of-bounds Read A flaw was found in libgit2 which is wrapped by the rugged gem. A missing check in git_delta_apply function in `delta.c` file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service. |
Affected by 2 other vulnerabilities. |
|
VCID-52tu-vs8k-fbfe
Aliases: CVE-2020-12278 GHSA-5wph-8frv-58vj |
libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams |
Affected by 0 other vulnerabilities. |
|
VCID-nq88-cr6a-17fw
Aliases: CVE-2018-15501 |
Out-of-bounds Read In the library libgit2, which is used by pygit2, a remote attacker can send a crafted smart-protocol `ng` packet that lacks a `\0` byte to trigger an out-of-bounds read leading to a DoS. |
Affected by 2 other vulnerabilities. |
|
VCID-tmtv-wcxy-sqht
Aliases: CVE-2020-12279 GHSA-589j-mmg9-733v |
libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||