VulnerableCode Package Details - pkg:pypi/pygit2@0.27.4

Search for packages

Vulnerability	Summary	Fixed by
VCID-52tu-vs8k-fbfe Aliases: CVE-2020-12278 GHSA-5wph-8frv-58vj	libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams	1.1.0 Affected by 0 other vulnerabilities.
VCID-tmtv-wcxy-sqht Aliases: CVE-2020-12279 GHSA-589j-mmg9-733v	libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux	1.1.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-52tu-vs8k-fbfe
Aliases:
CVE-2020-12278
GHSA-5wph-8frv-58vj

libgit2: files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

1.1.0
Affected by 0 other vulnerabilities.

VCID-tmtv-wcxy-sqht
Aliases:
CVE-2020-12279
GHSA-589j-mmg9-733v

libgit2: NTFS protections inactive when running Git in the Windows Subsystem for Linux

1.1.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-nq88-cr6a-17fw	Out-of-bounds Read In the library libgit2, which is used by pygit2, a remote attacker can send a crafted smart-protocol `ng` packet that lacks a `\0` byte to trigger an out-of-bounds read leading to a DoS.	CVE-2018-15501

Vulnerability

Summary

Aliases

VCID-nq88-cr6a-17fw

Out-of-bounds Read In the library libgit2, which is used by pygit2, a remote attacker can send a crafted smart-protocol `ng` packet that lacks a `\0` byte to trigger an out-of-bounds read leading to a DoS.

CVE-2018-15501

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:02:49.820191+00:00	GitLab Importer	Affected by	VCID-tmtv-wcxy-sqht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12279.yml	38.4.0
2026-04-16T21:02:49.526400+00:00	GitLab Importer	Affected by	VCID-52tu-vs8k-fbfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12278.yml	38.4.0
2026-04-11T22:14:12.637076+00:00	GitLab Importer	Affected by	VCID-tmtv-wcxy-sqht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12279.yml	38.3.0
2026-04-11T22:14:12.311945+00:00	GitLab Importer	Affected by	VCID-52tu-vs8k-fbfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12278.yml	38.3.0
2026-04-02T22:26:33.559700+00:00	GitLab Importer	Affected by	VCID-tmtv-wcxy-sqht	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12279.yml	38.1.0
2026-04-02T22:26:33.213280+00:00	GitLab Importer	Affected by	VCID-52tu-vs8k-fbfe	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2020-12278.yml	38.1.0
2026-04-01T12:47:56.106698+00:00	GitLab Importer	Fixing	VCID-nq88-cr6a-17fw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/pygit2/CVE-2018-15501.yml	38.0.0