CVE-2018-10888

Description

A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service.

Affected packages (2)

• Alpine/libgit2from 0, < 0.27.3-r0
• Debian/libgit2from 0, < 0.27.4+dfsg.1-0.1

CVSS scores

References (2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2018-10888
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-10888