Vulnerabilities > Dulwich Project > Dulwich > 0.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-29 | CVE-2017-16228 | Unspecified vulnerability in Dulwich Project Dulwich Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117. | 7.5 |
2015-03-31 | CVE-2015-0838 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. | 7.5 |