vulnerability

Ubuntu: USN-3387-1 (CVE-2017-1000117): Git vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Aug 11, 2017	Dec 20, 2017	Aug 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Aug 11, 2017

Added

Dec 20, 2017

Modified

Aug 18, 2025

Description

Brian Neel, Joern Schneeweisz, and Jeff King discovered that Git did
not properly handle host names in 'ssh://' URLs. A remote attacker
could use this to construct a git repository that when accessed could
run arbitrary code with the privileges of the user.

Solution

ubuntu-upgrade-git

References

CVE-2017-100011
https://attackerkb.com/topics/CVE-2017-100011
CWE-601
DEBIAN-DSA-3934
NVD-CVE-2017-1000117
UBUNTU-USN-3387-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today