BETAmodules.com is in beta — open to partnerships & joint ventures.Build with us
modules.com
⌘K

libgit2-sys

v0.10.0crates.io· Rust

Native bindings to the libgit2 library

The verdict
Has 4 high-severity advisories. Verify a patched version exists before using. Check the OSV link for the fixed-in version.
Check the OSV link for the fixed-in version.
Live from the crates.io registry · derived rules, not AI
How it scores
MaintenanceAbandoned
PopularityTop 1%
Security4 advisories
LicensePermissive
DepsZero deps
Maintenance
Last published 6 years ago.
Popularity
1.1M downloads / week
Security
4 known advisories (worst: high severity).
License
Apache-2.0 OR MIT
Dependencies
No runtime dependencies
Security advisories
Live from OSV.dev · cached 24h
  • HIGH
    libgit2-sys affected by memory corruption, denial of service, and arbitrary code execution in libgit2
    GHSA-22q8-ghmq-63vf Fixed in 0.16.2Published 2024-02-12
  • MEDIUM
    git2-rs fails to verify SSH keys by default
    GHSA-m4ch-rfv5-x5g3 Fixed in 0.14.2Published 2023-01-20
  • UNKNOWN
    git2 does not verify SSH keys by default
    RUSTSEC-2023-0003 Fixed in 0.13.5Published 2023-01-20
  • UNKNOWN
    Memory corruption, denial of service, and arbitrary code execution in libgit2
    RUSTSEC-2024-0013 Fixed in 0.16.2Published 2024-02-06
Recent releases
  • 0.18.5+1.9.4this month
  • 0.18.4+1.9.3this month
  • 0.18.3+1.9.26 months ago
  • 0.18.2+1.9.111 months ago
  • 0.18.1+1.9.0over a year ago
  • 0.18.0+1.9.0over a year ago
  • 0.17.0+1.8.1over a year ago
  • 0.16.2+1.7.22 years ago
libgit2-sys — Native bindings to the libgit2 library (Rust / crates.io) — verdict, alternatives & security · Modules