2 matches found
CVE-2018-11235
CVE-2018-11235 affects Git prior to 2.17.1 (and also 2.13.7, 2.14.4, 2.15.2, 2.16.4, 2.17.1 as listed in advisories). A crafted .gitmodules file can cause directory traversal in submodule names, leading to a malicious project triggering a chain where submodule names are appended to $GIT_DIR/modul...
CVE-2018-11233
CVE-2018-11233 affects Git on NTFS pathname sanity checking, causing potential out-of-bounds reads. Affected: Git versions before 2.13.7, and 2.14.x/2.15.x/2.16.x/2.17.x before the listed patch levels. Impact: potential information disclosure and/or memory access concerns; no explicit exploitatio...