CVE-2017-12976

EPSS 0.27% · P51 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-12976

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

git-annex 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

git-annex是一套分布式文件同步系统。 git-annex 6.20170818之前版本中存在安全漏洞。远程攻击者可借助在主机名中带有初始破折号的ssh URL利用该漏洞执行任意命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-12976

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-12976

请登录查看更多情报信息。

http://source.git-annex.branchable.com/?p=source.git%3Ba=blob%3Bf=doc/bugs/dashed_ssh_hostname_security_hole.mdwnx_refsource_CONFIRM
http://source.git-annex.branchable.com/?p=source.git%3Ba=commit%3Bh=c24d0f0e8984576654e2be149005bc884fe0403ax_refsource_CONFIRM
http://source.git-annex.branchable.com/?p=source.git%3Ba=commit%3Bh=df11e54788b254efebb4898b474de11ae8d3b471x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-4010vendor-advisoryx_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2018/09/msg00004.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2017-12976

Same Patch Batch · n/a · 2017-08-20 · 5 CVEs total

CVE-2017-12966		ASN1C 安全漏洞
CVE-2017-12972		Nimbus JOSE+JWT 安全漏洞
CVE-2017-12973		Nimbus JOSE+JWT 安全漏洞
CVE-2017-12974		Nimbus JOSE+JWT 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-12976

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-12976

I. Basic Information for CVE-2017-12976

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-12976

III. Intelligence Information for CVE-2017-12976

Same Patch Batch · n/a · 2017-08-20 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-12976

Leave a comment