
We found results for “”
CVE-2025-46334
Good to know:

Date: July 10, 2025
Git GUI (Windows only): A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects "Git Bash" or "Browse Files" from the menu.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Top Fix

Upgrade Version
Upgrade to version https://github.com/git/git.git - v2.50.1;https://github.com/git/git.git - v2.49.1;https://github.com/git/git.git - v2.48.2;https://github.com/git/git.git - v2.47.3;https://github.com/git/git.git - v2.46.4;https://github.com/git/git.git - v2.45.4;https://github.com/git/git.git - v2.44.4;https://github.com/git/git.git - v2.43.7
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |