Skip to main content

Dulwich

3 CVEs product

Monthly

CVE-2017-16228 PyPI CRITICAL PATCH Act Now

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dulwich
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2015-0838 PyPI HIGH PATCH This Week

Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Debian Linux Dulwich
NVD
CVSS 2.0
7.5
EPSS
2.8%
CVE-2014-9706 PyPI HIGH POC PATCH GHSA This Week

The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Debian Linux Dulwich
NVD
CVSS 2.0
7.5
EPSS
2.8%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Dulwich
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Debian Linux +1
NVD
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Debian Linux Dulwich
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy