
Krishna Ram Prakash R

#17181 of 53,633
15.6 Total CVSS
Vulnerabilities · 2
High
2
PT-2018-3971
7.8
2018-03-08
Libgit2 · Libgit2 · CVE-2018-8098
**Name of the Vulnerable Software and Affected Versions**

libgit2 versions prior to 0.26.2

**Description**

The issue is an integer overflow in the `read_entry()` function of the `index.c` component in libgit2. The overflow occurs while decompressing a compressed prefix length. Exploiting this issue allows a remote attacker to cause a denial of service, specifically an out-of-bounds read, by using a crafted repository index file.

**Recommendations**

For versions prior to 0.26.2, update to version 0.26.2 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted repository index files to minimize the risk of exploitation.
PT-2018-3972
7.8
2018-03-08
Libgit2 · Libgit2 · CVE-2018-8099
**Name of the Vulnerable Software and Affected Versions**

libgit2 versions prior to 0.26.2

**Description**

The issue is a double free error in the `index.c:read_entry()` function of libgit2, a C implementation of the Git methods. A remote attacker can exploit this error to cause a denial of service via a crafted repository index file.

**Recommendations**

For versions prior to 0.26.2, update to version 0.26.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `index.c:read_entry()` function until a patch is available.