View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2017-8386 severity moderate: SUSE including 174 source package names (emacs-git-1.8.3.1-11.el7, emacs-git-el-1.8.3.1-11.el7, …), 226 product×package rows across 39 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise High Performance Computing 12 SP5, … (39 product lines)): Fixed 226.
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.