PT-2025-28647

🗓️ 08 Jul 2025 00:00:00Reported by Positive TechnologiesType

Git versions 2.43.7 to 2.50.0 allow remote code execution due to improper line ending handling.

Reporter	Title	Published	Views	Family All 610
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
FreeBSD	git -- multiple vulnerabilities	11 Apr 202500:00	–	freebsd
FreeBSD	git -- multiple vulnerabilities	29 Oct 202400:00	–	freebsd
GithubExploit	Exploit for Interpretation Conflict in Git-Scm Git	9 Sep 202504:57	–	githubexploit
GithubExploit	Exploit for Link Following in Git-Scm Git	4 Dec 202512:17	–	githubexploit
GithubExploit	Exploit for Interpretation Conflict in Git-Scm Git	14 Dec 202510:04	–	githubexploit
GithubExploit	Exploit for Link Following in Git-Scm Git	16 Jul 202503:59	–	githubexploit
GithubExploit	Exploit for CVE-2025-48384	9 Jul 202516:18	–	githubexploit
GithubExploit	Exploit for Link Following in Git-Scm Git	8 Nov 202514:41	–	githubexploit
GithubExploit	Exploit for Link Following in Git-Scm Git	29 Aug 202511:48	–	githubexploit

Source	Link
securityweek	www.securityweek.com/organizations-warned-of-exploited-git-vulnerability
access	www.access.redhat.com/security/cve/CVE-2024-50349
access	www.access.redhat.com/security/cve/CVE-2024-52006
ubuntu	www.ubuntu.com/security/notices/USN-7626-1
openeuler	www.openeuler.org/zh/security/security-bulletins/detail/
osv	www.osv.dev/vulnerability/openSUSE-SU-2025:15337-1
twitter	www.twitter.com/web3sec_news/status/1953457597475958848
suse	www.suse.com/security/cve/CVE-2025-48386
bugzilla	www.bugzilla.suse.com/1243197
osv	www.osv.dev/vulnerability/BIT-git-2025-48384

05 Mar 2026 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS 3.17.5 - 8.6

CVSS 48.6

EPSS0.01141

SSVC