16 matches found
SUSE-SU-2025:03037-1 Security update for git
This update for git fixes the following issues: Updated to 2.43.7 jscPED-13447: - CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk bsc1245938 - CVE-2025-27614: Fixed arbitrary script execution via repo clonation in Gitk bsc1245939 - CVE-2025-46835: Fixed arbitrary...
security update for git, git-lfs, obs-scm-bridge, python-PyYAML
This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues: git was updated from version 2.43.0 to 2.51.0 bsc1243197: Security issues fixed: CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitkbsc1245938 CVE-2025-27614 Fixed arbitrary script...
SUSE-SU-2025:03012-1 security update for git, git-lfs, obs-scm-bridge, python-PyYAML
This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues: git was updated from version 2.43.0 to 2.51.0 bsc1243197: - Security issues fixed: CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitkbsc1245938 CVE-2025-27614 Fixed arbitrary script...
RHEL 10 : git (RHSA-2025:11533)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11533 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...
CVE-2025-27614 affecting package git for versions less than 2.45.4-1
CVE-2025-27614 affecting package git for versions less than 2.45.4-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-27614
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
CVE-2025-27614 Gitk allows arbitrary command execution
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
CVE-2025-27614 Gitk allows arbitrary command execution
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
CVE-2025-27614
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
Slackware: Security Advisory (SSA:2025-190-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-27614
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
FreeBSD : git -- multiple vulnerabilities (2a4472ed-5c0d-11f0-b991-291fce777db8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2a4472ed-5c0d-11f0-b991-291fce777db8 advisory. Git development team reports: CVE-2025-27613: Gitk: When a user clones an untrusted repository...
CVE-2025-27614
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...
CVE-2025-27614
creationtimestamp| type| source ---|---|--- 2025-07-08 15:02:11+00:00| seen| https://github.blog/open-source/git/git-security-vulnerabilities-announced-6/ 2025-07-08 15:11:31+00:00| seen| https://seclists.org/oss-sec/2025/q3/13 2025-07-08 15:56:31+00:00| seen|...
GitHub: CVE-2025-27614 Gitk Arbitrary Code Execution Vulnerability
CVE-2025-27614 is regarding a vulnerability in Gitk where a Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking gitk filename, where filename has a particular structure. GitHub created th...
git -- multiple vulnerabilities
Git development team reports: CVE-2025-27613: Gitk: When a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of this line...