CVE-2018-11233

Sažetak

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.

Reference

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
http://www.securityfocus.com/bid/104346
http://www.securitytracker.com/id/1040991
https://access.redhat.com/errata/RHSA-2018:2147
https://marc.info/?l=git&m=152761328506724&w=2
https://security.gentoo.org/glsa/201805-13
https://usn.ubuntu.com/3671-1/

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

02-05-2020 - 00:15

Objavljeno

30-05-2018 - 04:29