VulnerableCode Package Details - pkg:alpm/archlinux/libgit2@1:0.24.6-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/libgit2@1:0.24.6-1

Essentials
History (3)

purl	pkg:alpm/archlinux/libgit2@1:0.24.6-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-bejf-17ah-tybt	Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to have unspecified impact via a crafted non-flush packet.	CVE-2016-10128
VCID-rvbe-y541-nyh7	The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.	CVE-2016-10129
VCID-xab7-k14p-uqbx	The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle attackers to spoof servers by leveraging clobbering of the error variable.	CVE-2016-10130

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:26:18.504971+00:00	Arch Linux Importer	Fixing	VCID-bejf-17ah-tybt	https://security.archlinux.org/AVG-131	38.0.0
2026-04-01T18:26:18.481392+00:00	Arch Linux Importer	Fixing	VCID-rvbe-y541-nyh7	https://security.archlinux.org/AVG-131	38.0.0
2026-04-01T18:26:18.459177+00:00	Arch Linux Importer	Fixing	VCID-xab7-k14p-uqbx	https://security.archlinux.org/AVG-131	38.0.0