汇总 dulwich_project 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 缓冲区溢出 相关,可能在 生产负载与软件部署 场景中带来 应用崩溃与内存损坏 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2017-16228 | Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117. | [email protected] | 9.8 | 3.39% | 2017-10-29 | 2026-06-16 |
| CVE-2015-0838 | Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file. | [email protected] | 7.5 | 3.38% | 2015-03-31 | 2026-06-16 |
| CVE-2014-9706 | The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree. | [email protected] | 7.5 | 5.03% | 2015-03-31 | 2026-06-16 |