CRITICAL 9.8 PyPI
GHSA-cwwh-4382-6fwr · CVE-2017-16228, PYSEC-2017-12 Dulwich RCE Vulnerability
Modified: 11/30/2024
package
PyPI / dulwich
pkg:pypi/dulwich
CRITICAL 9.8 PyPI
GHSA-vjjf-3rvg-gv3v · CVE-2015-0838, PYSEC-2015-35 Dulwich Buffer Overflow when handling pack files
Modified: 4/14/2025
MEDIUM 5.7 PyPI
GHSA-xrvj-v92f-53gj · CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs
Modified: 6/11/2026
— PyPI
PYSEC-2015-34 · CVE-2014-9706, GHSA-4j5j-58j7-6c3w Modified: 6/10/2026
— PyPI
PYSEC-2015-35 · CVE-2015-0838, GHSA-vjjf-3rvg-gv3v Modified: 6/10/2026
— PyPI
PYSEC-2017-12 · CVE-2017-16228, GHSA-cwwh-4382-6fwr Modified: 6/10/2026
CRITICAL 9.8 PyPI
GHSA-4j5j-58j7-6c3w · CVE-2014-9706, PYSEC-2015-34 Dulwich Arbitrary code execution via commit with directory path starting with .git
Modified: 5/14/2026
LOW 3.3 PyPI
GHSA-555p-6grf-mh7f · CVE-2026-47712 Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`
Modified: 6/11/2026
HIGH 8.8 PyPI
GHSA-897w-fcg9-f6xj · CVE-2026-42305 Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows
Modified: 6/11/2026
HIGH PyPI
GHSA-9277-mp7x-85jf · CVE-2026-42563 Dulwich Vulnerable to Command Injection via Merge Driver Path
Modified: 6/11/2026