CVE-2018-10888

Published: Jul 10, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.

Vendor	Product	Versions
libgit2	libgit2	affected `before version 0.27.3`

Weaknesses (CWE)

CWE-20

References

https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3

x_refsource_CONFIRM

[debian-lts-announce] 20180825 [SECURITY] [DLA 1477-1] libgit2 security update

mailing-list

x_refsource_MLIST

https://github.com/libgit2/libgit2/releases/tag/v0.27.3

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1598024

x_refsource_CONFIRM

[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-10888

Description

Affected Products

Weaknesses (CWE)

References