Описание
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue Tracking
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue Tracking
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
Конфигурация 3Версия до 0.24.2 (включая)
cpe:2.3:a:libgit2_project:libgit2:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00637
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 9 лет назад
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
CVSS3: 5.5
debian
около 9 лет назад
The git_commit_message function in oid.c in libgit2 before 0.24.3 allo ...
CVSS3: 5.5
github
больше 3 лет назад
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
EPSS
Процентиль: 70%
0.00637
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125