Description: contrib/completion/ in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity: medium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release                   | Version             | Status
git (PTS)      | jessie (security), jessie | 1:2.1.4-2.1+deb8u6  | fixed
               | stretch (security)        | 1:2.11.0-3+deb9u3   | fixed
               | buster, sid               | 1:2.18.0-1          | fixed

The information below is based on the following data on fixed versions.

Package | Type   | Release | Fixed Version  | Urgency | Origin | Debian Bugs
git     | source | wheezy  | (not affected) |         |        |

[wheezy] - git <not-affected> (Vulnerable code introduced in 1.8.1-rc0)
Vulnerability likely introduced by the "pc_mode" in
