New Search

Git OS Command Injection Vulnerability - CVE-2017-8386

oval:org.cisecurity:def:5138

git-shell in git before 2.4.12 2.5.x before 2.5.6 2.6.x before 2.6.7 2.7.x before 2.7.5 2.8.x before 2.8.5 2.9.x before 2.9.4 2.10.x before 2.10.3 2.11.x before 2.11.2 and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 10
  • Microsoft Windows 8.1
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 7
Class:
vulnerability
Reference(s):
  • CVE-2017-8386
Product(s):