csaf_suse - suse-su-2025:20855-1

suse-su-2025:20855-1

Vulnerability from csaf_suse

Published

2025-10-09 14:25

Modified

2025-10-09 14:25

Summary

Security update for git

Notes

Title of the patch

Security update for git

Description of the patch

This update for git fixes the following issues: Update to 2.51.0: - CVE-2025-27613: arbitrary writable file creation and truncation in Gitk (bsc#1245938) - CVE-2025-27614: arbitrary script execution via repo clonation in gitk (bsc#1245939) - CVE-2025-46835: untrusted repository cloning can lead to arbitrary writable file creation in Git GUI (bsc#1245942) - CVE-2025-48384: script may be unintentionally executed after checkout due to CRLF transforming (bsc#1245943) - CVE-2025-48385: arbitrary code execution due to protocol injection via fetching advertised bundle (bsc#1245946) - CVE-2025-48386: buffer overflow in static buffer 'target' in wincred credential helper (bsc#1245947)

Patchnames

SUSE-SLE-Micro-6.1-298

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for git",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for git fixes the following issues:\n\nUpdate to 2.51.0:\n\n- CVE-2025-27613: arbitrary writable file creation and truncation in Gitk (bsc#1245938)\n- CVE-2025-27614: arbitrary script execution via repo clonation in gitk (bsc#1245939)\n- CVE-2025-46835: untrusted repository cloning can lead to arbitrary writable file creation in Git GUI (bsc#1245942)\n- CVE-2025-48384: script may be unintentionally executed after checkout due to CRLF transforming (bsc#1245943)\n- CVE-2025-48385: arbitrary code execution due to protocol injection via fetching advertised bundle (bsc#1245946)\n- CVE-2025-48386: buffer overflow in static buffer \u0027target\u0027 in wincred credential helper (bsc#1245947)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Micro-6.1-298",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20855-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:20855-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520855-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:20855-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042323.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245938",
        "url": "https://bugzilla.suse.com/1245938"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245939",
        "url": "https://bugzilla.suse.com/1245939"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245942",
        "url": "https://bugzilla.suse.com/1245942"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245943",
        "url": "https://bugzilla.suse.com/1245943"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245946",
        "url": "https://bugzilla.suse.com/1245946"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1245947",
        "url": "https://bugzilla.suse.com/1245947"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27613 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27613/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-27614 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-27614/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46835 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46835/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-48384 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-48384/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-48385 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-48385/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-48386 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-48386/"
      }
    ],
    "title": "Security update for git",
    "tracking": {
      "current_release_date": "2025-10-09T14:25:15Z",
      "generator": {
        "date": "2025-10-09T14:25:15Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:20855-1",
      "initial_release_date": "2025-10-09T14:25:15Z",
      "revision_history": [
        {
          "date": "2025-10-09T14:25:15Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "git-2.51.0-slfo.1.1_1.1.aarch64",
                "product": {
                  "name": "git-2.51.0-slfo.1.1_1.1.aarch64",
                  "product_id": "git-2.51.0-slfo.1.1_1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "git-core-2.51.0-slfo.1.1_1.1.aarch64",
                "product": {
                  "name": "git-core-2.51.0-slfo.1.1_1.1.aarch64",
                  "product_id": "git-core-2.51.0-slfo.1.1_1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
                "product": {
                  "name": "perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
                  "product_id": "perl-Git-2.51.0-slfo.1.1_1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "git-2.51.0-slfo.1.1_1.1.ppc64le",
                "product": {
                  "name": "git-2.51.0-slfo.1.1_1.1.ppc64le",
                  "product_id": "git-2.51.0-slfo.1.1_1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "git-core-2.51.0-slfo.1.1_1.1.ppc64le",
                "product": {
                  "name": "git-core-2.51.0-slfo.1.1_1.1.ppc64le",
                  "product_id": "git-core-2.51.0-slfo.1.1_1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
                "product": {
                  "name": "perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
                  "product_id": "perl-Git-2.51.0-slfo.1.1_1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "git-2.51.0-slfo.1.1_1.1.s390x",
                "product": {
                  "name": "git-2.51.0-slfo.1.1_1.1.s390x",
                  "product_id": "git-2.51.0-slfo.1.1_1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "git-core-2.51.0-slfo.1.1_1.1.s390x",
                "product": {
                  "name": "git-core-2.51.0-slfo.1.1_1.1.s390x",
                  "product_id": "git-core-2.51.0-slfo.1.1_1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "perl-Git-2.51.0-slfo.1.1_1.1.s390x",
                "product": {
                  "name": "perl-Git-2.51.0-slfo.1.1_1.1.s390x",
                  "product_id": "perl-Git-2.51.0-slfo.1.1_1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "git-2.51.0-slfo.1.1_1.1.x86_64",
                "product": {
                  "name": "git-2.51.0-slfo.1.1_1.1.x86_64",
                  "product_id": "git-2.51.0-slfo.1.1_1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "git-core-2.51.0-slfo.1.1_1.1.x86_64",
                "product": {
                  "name": "git-core-2.51.0-slfo.1.1_1.1.x86_64",
                  "product_id": "git-core-2.51.0-slfo.1.1_1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "perl-Git-2.51.0-slfo.1.1_1.1.x86_64",
                "product": {
                  "name": "perl-Git-2.51.0-slfo.1.1_1.1.x86_64",
                  "product_id": "perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.1",
                "product": {
                  "name": "SUSE Linux Micro 6.1",
                  "product_id": "SUSE Linux Micro 6.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-2.51.0-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64"
        },
        "product_reference": "git-2.51.0-slfo.1.1_1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-2.51.0-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le"
        },
        "product_reference": "git-2.51.0-slfo.1.1_1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-2.51.0-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x"
        },
        "product_reference": "git-2.51.0-slfo.1.1_1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-2.51.0-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64"
        },
        "product_reference": "git-2.51.0-slfo.1.1_1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-core-2.51.0-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64"
        },
        "product_reference": "git-core-2.51.0-slfo.1.1_1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-core-2.51.0-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le"
        },
        "product_reference": "git-core-2.51.0-slfo.1.1_1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-core-2.51.0-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x"
        },
        "product_reference": "git-core-2.51.0-slfo.1.1_1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "git-core-2.51.0-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64"
        },
        "product_reference": "git-core-2.51.0-slfo.1.1_1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-Git-2.51.0-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64"
        },
        "product_reference": "perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-Git-2.51.0-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le"
        },
        "product_reference": "perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-Git-2.51.0-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x"
        },
        "product_reference": "perl-Git-2.51.0-slfo.1.1_1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perl-Git-2.51.0-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
          "product_id": "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        },
        "product_reference": "perl-Git-2.51.0-slfo.1.1_1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-27613",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27613"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk\u0027s Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27613",
          "url": "https://www.suse.com/security/cve/CVE-2025-27613"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245938 for CVE-2025-27613",
          "url": "https://bugzilla.suse.com/1245938"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-27613"
    },
    {
      "cve": "CVE-2025-27614",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-27614"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-27614",
          "url": "https://www.suse.com/security/cve/CVE-2025-27614"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245939 for CVE-2025-27614",
          "url": "https://bugzilla.suse.com/1245939"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-27614"
    },
    {
      "cve": "CVE-2025-46835",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46835"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46835",
          "url": "https://www.suse.com/security/cve/CVE-2025-46835"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245942 for CVE-2025-46835",
          "url": "https://bugzilla.suse.com/1245942"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46835"
    },
    {
      "cve": "CVE-2025-48384",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-48384"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-48384",
          "url": "https://www.suse.com/security/cve/CVE-2025-48384"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245943 for CVE-2025-48384",
          "url": "https://bugzilla.suse.com/1245943"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-48384"
    },
    {
      "cve": "CVE-2025-48385",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-48385"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-48385",
          "url": "https://www.suse.com/security/cve/CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245946 for CVE-2025-48385",
          "url": "https://bugzilla.suse.com/1245946"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-48385"
    },
    {
      "cve": "CVE-2025-48386",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-48386"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
          "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-48386",
          "url": "https://www.suse.com/security/cve/CVE-2025-48386"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1245947 for CVE-2025-48386",
          "url": "https://bugzilla.suse.com/1245947"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:git-core-2.51.0-slfo.1.1_1.1.x86_64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.aarch64",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.ppc64le",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.s390x",
            "SUSE Linux Micro 6.1:perl-Git-2.51.0-slfo.1.1_1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-09T14:25:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-48386"
    }
  ]
}

CVE-2025-48384 (GCVE-0-2025-48384)

Vulnerability from cvelistv5

Published

2025-07-08 18:23

Modified

2025-11-04 21:11

Severity ?

8.0 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-436 - Interpretation Conflict
CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Summary

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

References

URL

Tags

https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	git	git	Version: < 2.43.7 Version: >= 2.44.0-rc0, < 2.44.4 Version: >= 2.45.0-rc0, < 2.45.4 Version: >= 2.46.0-rc0, < 2.46.4 Version: >= 2.47.0-rc0, < 2.47.3 Version: >= 2.48.0-rc0, < 2.48.2 Version: >= 2.49.0-rc0, < 2.49.1 Version: >= 2.50.0-rc0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48384",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-26T03:55:23.181071Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-08-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48384"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T22:45:22.728Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48384"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-08-25T00:00:00+00:00",
            "value": "CVE-2025-48384 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:11:00.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2025/Sep/60"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "git",
          "vendor": "git",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0-rc0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0-rc0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0-rc0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0-rc0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0-rc0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0-rc0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0-rc0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T18:23:48.710Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9"
        }
      ],
      "source": {
        "advisory": "GHSA-vwqx-4fm8-6qc9",
        "discovery": "UNKNOWN"
      },
      "title": "Git allows arbitrary code execution through broken config quoting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48384",
    "datePublished": "2025-07-08T18:23:48.710Z",
    "dateReserved": "2025-05-19T15:46:00.397Z",
    "dateUpdated": "2025-11-04T21:11:00.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48385 (GCVE-0-2025-48385)

Vulnerability from cvelistv5

Published

2025-07-08 18:23

Modified

2025-11-04 21:11

Severity ?

8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-73 - External Control of File Name or Path

Summary

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

References

URL

Tags

https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	git	git	Version: < 2.43.7 Version: >= 2.44.0-rc0, < 2.44.4 Version: >= 2.45.0-rc0, < 2.45.4 Version: >= 2.46.0-rc0, < 2.46.4 Version: >= 2.47.0-rc0, < 2.47.3 Version: >= 2.48.0-rc0, < 2.48.2 Version: >= 2.49.0-rc0, < 2.49.1 Version: >= 2.50.0-rc0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48385",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T18:38:28.946672Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T18:38:41.309Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:11:01.641Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "git",
          "vendor": "git",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0-rc0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0-rc0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0-rc0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0-rc0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0-rc0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0-rc0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0-rc0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. The use of bundle URIs is not enabled by default and can be controlled by the bundle.heuristic config option. Some cases of the vulnerability require that the adversary is in control of where a repository will be cloned to. This either requires social engineering or a recursive clone with submodules. These cases can thus be avoided by disabling recursive clones. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73: External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T18:23:44.405Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655"
        }
      ],
      "source": {
        "advisory": "GHSA-m98c-vgpc-9655",
        "discovery": "UNKNOWN"
      },
      "title": "Git alllows arbitrary file writes via bundle-uri parameter injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48385",
    "datePublished": "2025-07-08T18:23:44.405Z",
    "dateReserved": "2025-05-19T15:46:00.397Z",
    "dateUpdated": "2025-11-04T21:11:01.641Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-48386 (GCVE-0-2025-48386)

Vulnerability from cvelistv5

Published

2025-07-08 18:23

Modified

2025-11-04 21:11

Severity ?

6.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.

References

URL

Tags

https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	git	git	Version: < 2.43.7 Version: >= 2.44.0-rc0, < 2.44.4 Version: >= 2.45.0-rc0, < 2.45.4 Version: >= 2.46.0-rc0, < 2.46.4 Version: >= 2.47.0-rc0, < 2.47.3 Version: >= 2.48.0-rc0, < 2.48.2 Version: >= 2.49.0-rc0, < 2.49.1 Version: >= 2.50.0-rc0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T18:46:25.350003Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T18:46:36.726Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:11:02.964Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "git",
          "vendor": "git",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0-rc0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0-rc0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0-rc0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0-rc0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0-rc0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0-rc0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0-rc0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-08T18:23:41.246Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr"
        }
      ],
      "source": {
        "advisory": "GHSA-4v56-3xvj-xvfr",
        "discovery": "UNKNOWN"
      },
      "title": "Git allows a buffer overflow in \u0027wincred\u0027 credential helper"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48386",
    "datePublished": "2025-07-08T18:23:41.246Z",
    "dateReserved": "2025-05-19T15:46:00.397Z",
    "dateUpdated": "2025-11-04T21:11:02.964Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-27613 (GCVE-0-2025-27613)

Vulnerability from cvelistv5

Published

2025-07-10 14:58

Modified

2025-11-04 21:09

Severity ?

3.6 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Summary

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

References

URL

Tags

	https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v	x_refsource_CONFIRM
	https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5	x_refsource_MISC
	https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	j6t	gitk	Version: >= 1.7.0, < 2.43.7 Version: >= 2.44.0, < 2.44.4 Version: >= 2.45.0, < 2.45.4 Version: >= 2.46.0, < 2.46.4 Version: >= 2.47.0, < 2.47.3 Version: >= 2.48.0, < 2.48.2 Version: >= 2.49.0, < 2.49.1 Version: >= 2.50.0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27613",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:55:29.551008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T15:55:34.975Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:09:52.727Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gitk",
          "vendor": "j6t",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.7.0, \u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk\u0027s Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T14:58:16.752Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v"
        },
        {
          "name": "https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5"
        },
        {
          "name": "https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652"
        }
      ],
      "source": {
        "advisory": "GHSA-f3cw-xrj3-wr2v",
        "discovery": "UNKNOWN"
      },
      "title": "Gitk can create and truncate files in the user\u0027s home directory"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-27613",
    "datePublished": "2025-07-10T14:58:16.752Z",
    "dateReserved": "2025-03-03T15:10:34.079Z",
    "dateUpdated": "2025-11-04T21:09:52.727Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-46835 (GCVE-0-2025-46835)

Vulnerability from cvelistv5

Published

2025-07-10 15:09

Modified

2025-11-04 21:10

Severity ?

8.5 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

CWE

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Summary

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

References

URL

Tags

	https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg	x_refsource_CONFIRM
	https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	j6t	git-gui	Version: < 2.43.7 Version: >= 2.44.0, < 2.44.4 Version: >= 2.45.0, < 2.45.4 Version: >= 2.46.0, < 2.46.4 Version: >= 2.47.0, < 2.47.3 Version: >= 2.48.0, < 2.48.2 Version: >= 2.49.0, < 2.49.1 Version: >= 2.50.0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46835",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:53:11.968495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T15:53:21.530Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:10:52.169Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "git-gui",
          "vendor": "j6t",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88: Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T15:09:42.735Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg"
        },
        {
          "name": "https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da"
        }
      ],
      "source": {
        "advisory": "GHSA-xfx7-68v4-v8fg",
        "discovery": "UNKNOWN"
      },
      "title": "Git GUI can create and overwrite files for which the user has write permission"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-46835",
    "datePublished": "2025-07-10T15:09:42.735Z",
    "dateReserved": "2025-04-30T19:41:58.135Z",
    "dateUpdated": "2025-11-04T21:10:52.169Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-27614 (GCVE-0-2025-27614)

Vulnerability from cvelistv5

Published

2025-07-10 15:02

Modified

2025-11-04 21:09

Severity ?

8.6 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Summary

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.

References

URL

Tags

	https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc	x_refsource_CONFIRM
	https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	j6t	gitk	Version: >= 2.41.0, < 2.43.7 Version: >= 2.44.0, < 2.44.4 Version: >= 2.45.0, < 2.45.4 Version: >= 2.46.0, < 2.46.4 Version: >= 2.47.0, < 2.47.3 Version: >= 2.48.0, < 2.48.2 Version: >= 2.49.0, < 2.49.1 Version: >= 2.50.0, < 2.50.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27614",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:54:41.814461Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T15:54:47.537Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T21:09:54.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/07/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gitk",
          "vendor": "j6t",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2.41.0, \u003c 2.43.7"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.44.0, \u003c 2.44.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.45.0, \u003c 2.45.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.46.0, \u003c 2.46.4"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.47.0, \u003c 2.47.3"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.48.0, \u003c 2.48.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.49.0, \u003c 2.49.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.50.0, \u003c 2.50.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-10T15:02:25.947Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc"
        },
        {
          "name": "https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129"
        }
      ],
      "source": {
        "advisory": "GHSA-g4v5-fjv9-mhhc",
        "discovery": "UNKNOWN"
      },
      "title": "Gitk allows arbitrary command execution"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-27614",
    "datePublished": "2025-07-10T15:02:25.947Z",
    "dateReserved": "2025-03-03T15:10:34.080Z",
    "dateUpdated": "2025-11-04T21:09:54.028Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2025:20855-1

Vulnerability from csaf_suse

CVE-2025-48384 (GCVE-0-2025-48384)

Vulnerability from cvelistv5

CVE-2025-48385 (GCVE-0-2025-48385)

Vulnerability from cvelistv5

CVE-2025-48386 (GCVE-0-2025-48386)

Vulnerability from cvelistv5

CVE-2025-27613 (GCVE-0-2025-27613)

Vulnerability from cvelistv5

CVE-2025-46835 (GCVE-0-2025-46835)

Vulnerability from cvelistv5

CVE-2025-27614 (GCVE-0-2025-27614)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature