CVE-2018-8098

Published: Mar 14, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1

x_refsource_CONFIRM

https://libgit2.github.com/security/

x_refsource_CONFIRM

https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0

x_refsource_CONFIRM

[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8098

Description

Affected Products

References