apk package
chainguard/libgit2-1.5
pkg:apk/chainguard/libgit2-1.5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-24577 | — | < 1.7.2-r0 | 1.7.2-r0 | Feb 6, 2024 | libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary | ||
| CVE-2024-24575 | — | < 1.7.2-r0 | 1.7.2-r0 | Feb 6, 2024 | libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_revparse_single` can cause the function to enter an infinite loop, potentia | ||
| CVE-2023-22742 | — | < 1.7.2-r0 | 1.7.2-r0 | Jan 20, 2023 | libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2' |
- CVE-2024-24577Feb 6, 2024affected < 1.7.2-r0fixed 1.7.2-r0
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary
- CVE-2024-24575Feb 6, 2024affected < 1.7.2-r0fixed 1.7.2-r0
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_revparse_single` can cause the function to enter an infinite loop, potentia
- CVE-2023-22742Jan 20, 2023affected < 1.7.2-r0fixed 1.7.2-r0
libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the `certificate_check` field of libgit2'