CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8098

Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2018-8098

Libgit2 » Libgit2 » Version: N/A

cpe:2.3:a:libgit2:libgit2:-
Libgit2 » Libgit2 » Version: 0.1.0

cpe:2.3:a:libgit2:libgit2:0.1.0
Libgit2 » Libgit2 » Version: 0.10.0

cpe:2.3:a:libgit2:libgit2:0.10.0
Libgit2 » Libgit2 » Version: 0.11.0

cpe:2.3:a:libgit2:libgit2:0.11.0
Libgit2 » Libgit2 » Version: 0.12.0

cpe:2.3:a:libgit2:libgit2:0.12.0
Libgit2 » Libgit2 » Version: 0.13.0

cpe:2.3:a:libgit2:libgit2:0.13.0
Libgit2 » Libgit2 » Version: 0.14.0

cpe:2.3:a:libgit2:libgit2:0.14.0
Libgit2 » Libgit2 » Version: 0.15.0

cpe:2.3:a:libgit2:libgit2:0.15.0
Libgit2 » Libgit2 » Version: 0.16.0

cpe:2.3:a:libgit2:libgit2:0.16.0
Libgit2 » Libgit2 » Version: 0.17.0

cpe:2.3:a:libgit2:libgit2:0.17.0
Libgit2 » Libgit2 » Version: 0.18.0

cpe:2.3:a:libgit2:libgit2:0.18.0
Libgit2 » Libgit2 » Version: 0.19.0

cpe:2.3:a:libgit2:libgit2:0.19.0
Libgit2 » Libgit2 » Version: 0.2.0

cpe:2.3:a:libgit2:libgit2:0.2.0
Libgit2 » Libgit2 » Version: 0.20.0

cpe:2.3:a:libgit2:libgit2:0.20.0
Libgit2 » Libgit2 » Version: 0.21.0

cpe:2.3:a:libgit2:libgit2:0.21.0
Libgit2 » Libgit2 » Version: 0.21.1

cpe:2.3:a:libgit2:libgit2:0.21.1
Libgit2 » Libgit2 » Version: 0.21.2

cpe:2.3:a:libgit2:libgit2:0.21.2
Libgit2 » Libgit2 » Version: 0.21.3

cpe:2.3:a:libgit2:libgit2:0.21.3
Libgit2 » Libgit2 » Version: 0.21.4

cpe:2.3:a:libgit2:libgit2:0.21.4
Libgit2 » Libgit2 » Version: 0.21.5

cpe:2.3:a:libgit2:libgit2:0.21.5
Libgit2 » Libgit2 » Version: 0.22.0

cpe:2.3:a:libgit2:libgit2:0.22.0
Libgit2 » Libgit2 » Version: 0.22.1

cpe:2.3:a:libgit2:libgit2:0.22.1
Libgit2 » Libgit2 » Version: 0.22.2

cpe:2.3:a:libgit2:libgit2:0.22.2
Libgit2 » Libgit2 » Version: 0.22.3

cpe:2.3:a:libgit2:libgit2:0.22.3
Libgit2 » Libgit2 » Version: 0.23.0

cpe:2.3:a:libgit2:libgit2:0.23.0
Libgit2 » Libgit2 » Version: 0.23.1

cpe:2.3:a:libgit2:libgit2:0.23.1
Libgit2 » Libgit2 » Version: 0.23.2

cpe:2.3:a:libgit2:libgit2:0.23.2
Libgit2 » Libgit2 » Version: 0.23.3

cpe:2.3:a:libgit2:libgit2:0.23.3
Libgit2 » Libgit2 » Version: 0.23.4

cpe:2.3:a:libgit2:libgit2:0.23.4
Libgit2 » Libgit2 » Version: 0.24.0

cpe:2.3:a:libgit2:libgit2:0.24.0
Libgit2 » Libgit2 » Version: 0.24.1

cpe:2.3:a:libgit2:libgit2:0.24.1
Libgit2 » Libgit2 » Version: 0.24.2

cpe:2.3:a:libgit2:libgit2:0.24.2
Libgit2 » Libgit2 » Version: 0.24.3

cpe:2.3:a:libgit2:libgit2:0.24.3
Libgit2 » Libgit2 » Version: 0.24.4

cpe:2.3:a:libgit2:libgit2:0.24.4
Libgit2 » Libgit2 » Version: 0.24.5

cpe:2.3:a:libgit2:libgit2:0.24.5
Libgit2 » Libgit2 » Version: 0.24.6

cpe:2.3:a:libgit2:libgit2:0.24.6
Libgit2 » Libgit2 » Version: 0.25.0

cpe:2.3:a:libgit2:libgit2:0.25.0
Libgit2 » Libgit2 » Version: 0.25.1

cpe:2.3:a:libgit2:libgit2:0.25.1
Libgit2 » Libgit2 » Version: 0.26.0

cpe:2.3:a:libgit2:libgit2:0.26.0
Libgit2 » Libgit2 » Version: 0.26.1

cpe:2.3:a:libgit2:libgit2:0.26.1
Libgit2 » Libgit2 » Version: 0.3.0

cpe:2.3:a:libgit2:libgit2:0.3.0
Libgit2 » Libgit2 » Version: 0.8.0

cpe:2.3:a:libgit2:libgit2:0.8.0
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8098

Products

Pricing

Contact Us