CVE-2014-9938

Published
View on NVD ↗
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS

Description

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

git/git
git/git
Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
GitHubGitHub
61.6K
njhartwell/pw3nage
njhartwell/pw3nage
If you get pw3ned, might want to fix your shell
GitHubGitHub
197