16 matches found
EulerOS 2.0 SP13 : git (EulerOS-SA-2025-2256)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command...
[SECURITY] [DLA 4323-1] git security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4323-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura October 06, 2025 https://wiki.debian.org/LTS -...
CLSA-2025-1754413251 git: Fix of 2 CVEs
CVE-2025-27614: fix a vulnerability in Gitk that allowed arbitrary script execution via specially crafted filenames in a repository - CVE-2025-27614: fix a vulnerability in Gitk that allowed arbitrary file creation/truncation - CVE-2025-46835: fix a vulnerability in Git GUI where editing files in...
OESA-2025-1844 git security update
Security Fixes: A vulnerability was found in Microsoft Visual Studio Programming Tool Software affected version not known. It has been classified as problematic.This is going to have an impact on confidentiality, integrity, and availability.Applying a patch is able to eliminate this problem. A...
CVE-2025-46334
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
CVE-2025-46835
A vulnerability was found in the git GUI package. When a user clones an untrusted repository and edits a file located in a maliciously named directory, git GUI may end up creating or overwriting arbitrary files for the running user has written permission. This flaw allows an attacker to modify th...
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46334
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
CVE-2025-46835 Git GUI can create and overwrite files for which the user has write permission
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46835
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permissio...
CVE-2025-46835
Git GUI is vulnerable to arbitrary file creation/overwrites when a user clones an untrusted repository and is tricked into editing a file under a maliciously named directory; this can affect files the user can write. The issue is fixed in Git GUI versions 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2...
CVE-2025-46334 Git GUI malicious command injection on Windows
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
CVE-2025-46334
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes...
GitHub: CVE-2025-46334 Git Malicious Shell Vulnerability
CVE-2025-46334 is regarding a vulnerability in Git GUI Windows only where a malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects...
PT-2025-28866
Name of the Vulnerable Software and Affected Versions: git in Debian Linux affected versions not specified Description: A flaw exists in Git GUI that allows for the creation and overwriting of arbitrary writable files. This occurs when a user clones an untrusted repository and is subsequently...