VDB
ALPINE-CVE-2018-11233
ALPINE-CVE-2018-11233
PUBLISHED
CVSS 7.5 HIGH
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.
Risk Scores
CVSS v3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.6 | git | 2.9.3-r0, 2.9.2-r0, 2.9.1-r0 |
| Alpine:v3.7 | git | 2.6.4-r0, 2.13.3-r1, 2.2.2-r0 |
| Alpine:v3.10 | git | 1.8.3.3-r0, 1.8.3-r0, 1.8.2.3-r1 |
| Alpine:v3.17 | git | 2.8.0-r1, 2.8.1-r0, 2.8.2-r0 |
| Alpine:v3.13 | git | 2.7.3-r0, 2.9.3-r0, 2.9.2-r0 |
| Alpine:v3.8 | git | 1.6.2.5-r0, 0, 1.6.0.4-r1 |
| Alpine:v3.20 | git | 0, 2.14.1-r1, 2.14.2-r0 |
| Alpine:v3.12 | git | 2.16.2-r0, 2.16.3-r0, 2.16.3-r1 |
| Alpine:v3.18 | git | 1.7.11.2-r0, 1.7.11.3-r0, 1.7.11.4-r0 |
| Alpine:v3.22 | git | 2.9.3-r0, 2.9.2-r0, 2.9.1-r0 |
| Alpine:v3.16 | git | 1.6.2.5-r0, 0, 1.6.0.4-r1 |
| Alpine:v3.21 | git | 1.6.4.1-r0, 2.14.0-r0, 2.14.0-r1 |
| Alpine:v3.11 | git | 1.6.4.4-r0, 0, 1.6.0.4-r1 |
| Alpine:v3.5 | git | 2.9.3-r0, 2.9.2-r0, 2.9.1-r0 |
| Alpine:v3.9 | git | 2.14.1-r0, 2.14.0-r1, 2.14.0-r0 |
| Alpine:v3.19 | git | 1.8.2.1-r0, 1.8.2-r0, 1.8.1.5-r0 |
| Alpine:v3.15 | git | 2.4.6-r1, 2.2.2-r0, 2.7.3-r0 |
| Alpine:v3.14 | git | 1.8.5.1-r0, 0, 1.6.0.4-r2 |
| Alpine:v3.23 | git | 2.13.2-r1, 1.6.0.4-r1, 1.6.0.4-r2 |
Timeline
- May 30, 2018 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch