Lucene search
+L

16 matches found

OSV
OSV
added 2025/09/01 12:45 p.m.8 views

SUSE-SU-2025:03037-1 Security update for git

This update for git fixes the following issues: Updated to 2.43.7 jscPED-13447: - CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk bsc1245938 - CVE-2025-27614: Fixed arbitrary script execution via repo clonation in Gitk bsc1245939 - CVE-2025-46835: Fixed arbitrary...

8.6CVSS6.5AI score0.02775EPSS
Exploits9References11
SUSE Linux
SUSE Linux
added 2025/08/29 12:8 a.m.7 views

security update for git, git-lfs, obs-scm-bridge, python-PyYAML

This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues: git was updated from version 2.43.0 to 2.51.0 bsc1243197: Security issues fixed: CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitkbsc1245938 CVE-2025-27614 Fixed arbitrary script...

8.5CVSS8AI score0.02775EPSS
Exploits9References30
OSV
OSV
added 2025/08/29 12:7 a.m.7 views

SUSE-SU-2025:03012-1 security update for git, git-lfs, obs-scm-bridge, python-PyYAML

This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues: git was updated from version 2.43.0 to 2.51.0 bsc1243197: - Security issues fixed: CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitkbsc1245938 CVE-2025-27614 Fixed arbitrary script...

8.6CVSS7.9AI score0.02775EPSS
Exploits9References16
Tenable Nessus
Tenable Nessus
added 2025/07/22 12:0 a.m.5 views

RHEL 10 : git (RHSA-2025:11533)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11533 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

8.6CVSS8.6AI score0.02775EPSS
Exploits9References16
CBLMariner
CBLMariner
added 2025/07/17 9:12 p.m.5 views

CVE-2025-27614 affecting package git for versions less than 2.45.4-1

CVE-2025-27614 affecting package git for versions less than 2.45.4-1. An upgraded version of the package is available that resolves this issue...

8.6CVSS7.3AI score0.00314EPSS
Exploits0
NVD
NVD
added 2025/07/10 3:15 p.m.10 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS0.00314EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/10 3:2 p.m.7 views

CVE-2025-27614 Gitk allows arbitrary command execution

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS7AI score0.00314EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/10 3:2 p.m.31 views

CVE-2025-27614 Gitk allows arbitrary command execution

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS0.00314EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/07/10 3:2 p.m.7 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS7.7AI score0.00314EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/07/10 12:0 a.m.8 views

Slackware: Security Advisory (SSA:2025-190-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS8.6AI score0.02775EPSS
Exploits9References12
RedhatCVE
RedhatCVE
added 2025/07/09 10:56 p.m.6 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS5.9AI score0.00314EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/07/09 12:0 a.m.40 views

FreeBSD : git -- multiple vulnerabilities (2a4472ed-5c0d-11f0-b991-291fce777db8)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2a4472ed-5c0d-11f0-b991-291fce777db8 advisory. Git development team reports: CVE-2025-27613: Gitk: When a user clones an untrusted repository...

8.6CVSS8.1AI score0.02775EPSS
Exploits9References13
UbuntuCve
UbuntuCve
added 2025/07/08 5:0 p.m.5 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS7.2AI score0.00314EPSS
Exploits0References3
Circl
Circl
added 2025/07/08 3:2 p.m.8 views

CVE-2025-27614

creationtimestamp| type| source ---|---|--- 2025-07-08 15:02:11+00:00| seen| https://github.blog/open-source/git/git-security-vulnerabilities-announced-6/ 2025-07-08 15:11:31+00:00| seen| https://seclists.org/oss-sec/2025/q3/13 2025-07-08 15:56:31+00:00| seen|...

8.6CVSS7.6AI score0.00314EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/07/08 2:0 p.m.8 views

GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability

CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...

8.6CVSS6.1AI score0.00314EPSS
Exploits0
FreeBSD
FreeBSD
added 2025/04/11 12:0 a.m.6 views

git -- multiple vulnerabilities

Git development team reports: CVE-2025-27613: Gitk: When a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of this line...

8.6CVSS7.3AI score0.02775EPSS
Exploits9References6
Rows per page
Query Builder