Medium
Canonical Ubuntu
It was discovered that Git incorrectly sanitized branch names in the PS1 variable when configured to display the repository status in the shell prompt. If a user were tricked into exploring a malicious repository, a remote attacker could use this issue to execute arbitrary code.
Severity is medium unless otherwise noted.
OSS users are strongly encouraged to follow one of the mitigations below: