Description
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1,
code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.(CVE-2018-11233)
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1,
remote code execution can occur. With a crafted .gitmodules file(CVE-2018-11235)