Search criteria
9 vulnerabilities found for dulwich by dulwich_project
FKIE_CVE-2017-16228
Vulnerability from fkie_nvd - Published: 2017-10-29 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://tracker.debian.org/news/882440 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://www.dulwich.io/code/dulwich/ | Product, Vendor Advisory | |
| cve@mitre.org | https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/ | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tracker.debian.org/news/882440 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dulwich.io/code/dulwich/ | Product, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/ | Issue Tracking, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dulwich_project | dulwich | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dulwich_project:dulwich:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9358D52F-0A29-4343-8F98-FC6575BAB78E",
"versionEndIncluding": "0.18.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
},
{
"lang": "es",
"value": "Dulwich en versiones anteriores a la 0.18.5, cuando se utiliza un subproceso SSH, perote que atacantes remotos ejecuten comandos arbitrarios mediante una URL ssh con un car\u00e1cter gui\u00f3n inicial en el nombre del host. Esta vulnerabilidad est\u00e1 relacioada con CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
}
],
"id": "CVE-2017-16228",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-29T20:29:00.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.dulwich.io/code/dulwich/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.dulwich.io/code/dulwich/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0838
Vulnerability from fkie_nvd - Published: 2015-03-31 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| dulwich_project | dulwich | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dulwich_project:dulwich:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC22976-118E-4870-B343-6FF6E8C7B340",
"versionEndIncluding": "0.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en la implementaci\u00f3n C de la funci\u00f3n apply_delta en _pack.c en Dulwich anterior a 0.9.9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de paquetes."
}
],
"id": "CVE-2015-0838",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-31T14:59:08.173",
"references": [
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"source": "security@debian.org",
"tags": [
"Vendor Advisory"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-9706
Vulnerability from fkie_nvd - Published: 2015-03-31 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 7.0 | |
| dulwich_project | dulwich | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dulwich_project:dulwich:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC22976-118E-4870-B343-6FF6E8C7B340",
"versionEndIncluding": "0.9.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree."
},
{
"lang": "es",
"value": "La funci\u00f3n build_index_from_tree en index.py en Dulwich anterior a 0.9.9 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una asignaci\u00f3n con una ruta de directorio que comienza con .git/, lo que no se maneja correctamente cuando compruebe un \u00e1rbol de trabajos."
}
],
"id": "CVE-2014-9706",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-31T14:59:04.860",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
},
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"source": "security@debian.org",
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-16228 (GCVE-0-2017-16228)
Vulnerability from cvelistv5 – Published: 2017-10-29 20:00 – Updated: 2024-08-05 20:20
VLAI?
Summary
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:20:05.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dulwich.io/code/dulwich/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-29T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dulwich.io/code/dulwich/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tracker.debian.org/news/882440",
"refsource": "MISC",
"url": "https://tracker.debian.org/news/882440"
},
{
"name": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/",
"refsource": "MISC",
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"name": "https://www.dulwich.io/code/dulwich/",
"refsource": "MISC",
"url": "https://www.dulwich.io/code/dulwich/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16228",
"datePublished": "2017-10-29T20:00:00",
"dateReserved": "2017-10-29T00:00:00",
"dateUpdated": "2024-08-05T20:20:05.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9706 (GCVE-0-2014-9706)
Vulnerability from cvelistv5 – Published: 2015-03-31 14:00 – Updated: 2024-08-06 13:55
VLAI?
Summary
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-13T14:57:00",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-9706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3206",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"name": "https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176",
"refsource": "CONFIRM",
"url": "https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-9706",
"datePublished": "2015-03-31T14:00:00",
"dateReserved": "2015-03-22T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0838 (GCVE-0-2015-0838)
Vulnerability from cvelistv5 – Published: 2015-03-31 14:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-31T12:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3206",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0838",
"datePublished": "2015-03-31T14:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16228 (GCVE-0-2017-16228)
Vulnerability from nvd – Published: 2017-10-29 20:00 – Updated: 2024-08-05 20:20
VLAI?
Summary
Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:20:05.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dulwich.io/code/dulwich/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-29T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tracker.debian.org/news/882440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dulwich.io/code/dulwich/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tracker.debian.org/news/882440",
"refsource": "MISC",
"url": "https://tracker.debian.org/news/882440"
},
{
"name": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/",
"refsource": "MISC",
"url": "https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/"
},
{
"name": "https://www.dulwich.io/code/dulwich/",
"refsource": "MISC",
"url": "https://www.dulwich.io/code/dulwich/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16228",
"datePublished": "2017-10-29T20:00:00",
"dateReserved": "2017-10-29T00:00:00",
"dateUpdated": "2024-08-05T20:20:05.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9706 (GCVE-0-2014-9706)
Vulnerability from nvd – Published: 2015-03-31 14:00 – Updated: 2024-08-06 13:55
VLAI?
Summary
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:55:04.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-13T14:57:00",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.samba.org/?p=jelmer/dulwich.git%3Ba=commitdiff%3Bh=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-9706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3206",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "FEDORA-2015-4534",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154551.html"
},
{
"name": "https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176",
"refsource": "CONFIRM",
"url": "https://git.samba.org/?p=jelmer/dulwich.git;a=commitdiff;h=091638be3c89f46f42c3b1d57dc1504af5729176"
},
{
"name": "[oss-security] 20150322 Re: Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/22/26"
},
{
"name": "[oss-security] 20150321 Possible CVE Request: dulwich: does not prevent to write files in commits with invalid paths to working tree",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/21/1"
},
{
"name": "[dulwich-users] 20141219 Re: Git vulnerability CVE-2014-9390",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/dulwich-users/msg00827.html"
},
{
"name": "FEDORA-2015-4575",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154523.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2014-9706",
"datePublished": "2015-03-31T14:00:00",
"dateReserved": "2015-03-22T00:00:00",
"dateUpdated": "2024-08-06T13:55:04.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0838 (GCVE-0-2015-0838)
Vulnerability from nvd – Published: 2015-03-31 14:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.072Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-31T12:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "DSA-3206",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2015-0838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3206",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3206"
},
{
"name": "[oss-security] 20150322 Dulwich security issue",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/dulwich-users/msg00829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2015-0838",
"datePublished": "2015-03-31T14:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}