{"api_version":"1","generated_at":"2026-04-23T01:19:18+00:00","cve":"CVE-2018-10887","urls":{"html":"https://cve.report/CVE-2018-10887","api":"https://cve.report/api/cve/CVE-2018-10887.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-10887","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-10887"},"summary":{"title":"CVE-2018-10887","description":"A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2018-07-10 14:29:00","updated_at":"2023-11-07 02:51:00"},"problem_types":["CWE-125","CWE-190","CWE-681"],"metrics":[],"references":[{"url":"https://github.com/libgit2/libgit2/releases/tag/v0.27.3","name":"https://github.com/libgit2/libgit2/releases/tag/v0.27.3","refsource":"CONFIRM","tags":["Patch","Release Notes","Third Party Advisory"],"title":"Release libgit2 v0.27.3 · libgit2/libgit2 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html","name":"[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2936-1] libgit2 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html","name":"[debian-lts-announce] 20180825 [SECURITY] [DLA 1477-1] libgit2 security update","refsource":"MLIST","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] [DLA 1477-1] libgit2 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22","name":"https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"delta: fix overflow when computing limit · libgit2/libgit2@c157711 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a","name":"https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"delta: fix sign-extension of big left-shift · libgit2/libgit2@3f46190 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1598021","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1598021","refsource":"CONFIRM","tags":["Issue Tracking","Patch","Third Party Advisory"],"title":"1598021 – (CVE-2018-10887) CVE-2018-10887 libgit2: integer overflow leads to out-of-bounds read in git_delta_apply, allowing to read before base array","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-10887","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10887","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"10887","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"10887","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"10887","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"10887","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libgit2","cpe5":"libgit2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"10887","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libgit2","cpe5":"libgit2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2018-10887","qid":"179136","title":"Debian Security Update for libgit2 (DLA 2936-1)"},{"cve":"CVE-2018-10887","qid":"501036","title":"Alpine Linux Security Update for libgit2"},{"cve":"CVE-2018-10887","qid":"501601","title":"Alpine Linux Security Update for libgit2-1.0"},{"cve":"CVE-2018-10887","qid":"502110","title":"Alpine Linux Security Update for libgit2-1.1"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","DATE_PUBLIC":"2018-07-09T00:00:00","ID":"CVE-2018-10887","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"libgit2","version":{"version_data":[{"version_value":"before version 0.27.3"}]}}]},"vendor_name":"libgit2"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-194->CWE-190->CWE-125"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=1598021","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1598021"},{"name":"[debian-lts-announce] 20180825 [SECURITY] [DLA 1477-1] libgit2 security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00024.html"},{"name":"https://github.com/libgit2/libgit2/releases/tag/v0.27.3","refsource":"CONFIRM","url":"https://github.com/libgit2/libgit2/releases/tag/v0.27.3"},{"name":"https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22","refsource":"CONFIRM","url":"https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22"},{"name":"https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a","refsource":"CONFIRM","url":"https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a"},{"refsource":"MLIST","name":"[debian-lts-announce] 20220321 [SECURITY] [DLA 2936-1] libgit2 security update","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00031.html"}]}},"nvd":{"publishedDate":"2018-07-10 14:29:00","lastModifiedDate":"2023-11-07 02:51:00","problem_types":["CWE-125","CWE-190","CWE-681"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:libgit2:libgit2:*:*:*:*:*:*:*:*","versionEndExcluding":"0.27.3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"10887","Ordinal":"127339","Title":"CVE-2018-10887","CVE":"CVE-2018-10887","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"10887","Ordinal":"1","NoteData":"A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"10887","Ordinal":"2","NoteData":"2018-07-10","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"10887","Ordinal":"3","NoteData":"2018-08-26","Type":"Other","Title":"Modified"}]}}}