CVE-2017-17831

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
git_large_file_storage_projectgit_large_file_storage
𝑥
< 2.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
git-lfs
bullseye
2.13.2-1
fixed
bookworm
3.3.0-1
fixed
sid
3.5.0-1
fixed
trixie
3.5.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
git-lfs
cosmic
not-affected
bionic
not-affected
artful
ignored
zesty
dne
xenial
dne
trusty
dne
Common Weakness Enumeration
References
http://blog.recurity-labs.com/2017-08-10/scm-vulns
http://www.securityfocus.com/bid/102926
https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2018-01-24-942834324.html
https://github.com/git-lfs/git-lfs/pull/2242
https://github.com/git-lfs/git-lfs/releases/tag/v2.1.1
http://blog.recurity-labs.com/2017-08-10/scm-vulns
http://www.securityfocus.com/bid/102926
https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2018-01-24-942834324.html
https://github.com/git-lfs/git-lfs/pull/2242
https://github.com/git-lfs/git-lfs/releases/tag/v2.1.1