threat
engine
.sh
Back
·
··:··
Home
/
Product
/
libgit2
Product
libgit2
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-24577
< 1.6.5
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build
8.6
HIGH
CVE-2024-24575
>= 1.4.0 and < 1.6.5
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build
7.5
HIGH
CVE-2023-22742
< 1.4.5
libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, l
5.3
MEDIUM
CVE-2020-12279
< 0.28.4
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist bec
9.8
CRITICAL
CVE-2020-12278
< 0.28.4
An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because
9.8
CRITICAL
CVE-2014-9390
< 0.21.3
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercur
9.8
CRITICAL
CVE-2018-15501
< 0.26.6
In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x before 0.27.4, a remote attacker can send a crafted smart-
7.5
HIGH
CVE-2018-10888
< 0.27.3
A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out
6.5
MEDIUM
CVE-2018-10887
< 0.27.3
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply fun
8.1
HIGH
CVE-2018-8099
< 0.26.2
Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which
6.5
MEDIUM
CVE-2018-8098
< 0.26.2
Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 all
6.5
MEDIUM
CVE-2016-10130
<= 0.24.5
The http_connect function in transports/http.c in libgit2 before 0.24.6 and 0.25.x before 0.25.1 might allow man-in-the-middle att
5.9
MEDIUM
CVE-2016-10129
<= 0.24.5
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of serv
7.5
HIGH
CVE-2016-10128
<= 0.24.5
Buffer overflow in the git_pkt_parse_line function in transports/smart_pkt.c in the Git Smart Protocol support in libgit2 before 0
9.8
CRITICAL
CVE-2016-8569
<= 0.24.2
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer
5.5
MEDIUM
CVE-2016-8568
<= 0.24.2
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bou
5.5
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin