VDB

DEBIAN-CVE-2017-8386

DEBIAN-CVE-2017-8386 PUBLISHED CVSS 8.800000190734863 HIGH

git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Risk Scores

CVSS v3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:12git0, 0, 0
Debian:11git0, 0, 0
Debian:13git0, 0, 0
Debian:14git0, 0, 0

Timeline

  • Jun 1, 2017 CVE Published
  • Apr 28, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›