CVE-2017-8386

Name of the Vulnerable Software and Affected Versions git versions 2.4.12 and earlier, 2.5.x through 2.5.5, 2.6.x through 2.6.6, 2.7.x through 2.7.4, 2.8.x through 2.8.4, 2.9.x through 2.9.3, 2.10.x through 2.10.2, 2.11.x through 2.11.1, 2.12.x through 2.12.2

Description The issue allows remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.

Recommendations For git versions 2.4.12 and earlier, update to version 2.4.12 or later. For git versions 2.5.x through 2.5.5, update to version 2.5.6 or later. For git versions 2.6.x through 2.6.6, update to version 2.6.7 or later. For git versions 2.7.x through 2.7.4, update to version 2.7.5 or later. For git versions 2.8.x through 2.8.4, update to version 2.8.5 or later. For git versions 2.9.x through 2.9.3, update to version 2.9.4 or later. For git versions 2.10.x through 2.10.2, update to version 2.10.3 or later. For git versions 2.11.x through 2.11.1, update to version 2.11.2 or later. For git versions 2.12.x through 2.12.2, update to version 2.12.3 or later.