Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

git — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting git. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products git:git
CVE IDTitleCVSSSeverityPaused
CVE-2025-48384 Git allows arbitrary code execution through broken config quoting — gitCWE-436 8.1 High2025-07-08
CVE-2025-48385 Git alllows arbitrary file writes via bundle-uri parameter injection — gitCWE-88 8.8 -2025-07-08
CVE-2025-48386 Git allows a buffer overflow in 'wincred' credential helper — gitCWE-120 6.3 Medium2025-07-08
CVE-2024-52005 The sideband payload is passed unfiltered to the terminal in git — gitCWE-116 8.2 -2025-01-15
CVE-2024-50349 Git does not sanitize URLs when asking for credentials interactively — gitCWE-116 8.8 -2025-01-14
CVE-2024-52006 Newline confusion in credential helpers can lead to credential exfiltration in git — gitCWE-116 8.8 -2025-01-14
CVE-2024-32465 Git's protections for cloning untrusted repositories can be bypassed — gitCWE-22 7.4 High2024-05-14
CVE-2024-32021 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory — gitCWE-547 3.9 Low2024-05-14
CVE-2024-32020 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will — gitCWE-281 3.9 Low2024-05-14
CVE-2024-32004 Git vulnerable to Remote Code Execution while cloning special-crafted local repositories — gitCWE-114 8.2 High2024-05-14
CVE-2024-32002 Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution — gitCWE-22 9.1 Critical2024-05-14
CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit` — gitCWE-74 7.0 High2023-04-25
CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write — gitCWE-22 7.5 High2023-04-25
CVE-2023-23946 Git's `git apply` overwriting paths outside the working tree — gitCWE-22 6.2 Medium2023-02-14
CVE-2023-22490 Git vulnerable to local clone-based data exfiltration with non-local transports — gitCWE-59 5.5 Medium2023-02-14
CVE-2022-23521 gitattributes parsing integer overflow in git — gitCWE-190 9.8 Critical2023-01-17
CVE-2022-41903 Integer overflow in `git archive`, `git log --format` leading to RCE in git — gitCWE-190 9.8 Critical2023-01-17
CVE-2022-39260 Git vulnerable to Remote Code Execution via Heap overflow in `git shell` — gitCWE-787 8.5 High2022-10-19
CVE-2022-39253 Git subject to exposure of sensitive information via local clone of symbolic links — gitCWE-200 5.5 Medium2022-10-19
CVE-2022-29187 Bypass of safe.directory protections in Git — gitCWE-282 7.8 High2022-07-12
CVE-2021-21300 malicious repositories can execute remote code while cloning — gitCWE-59 8.0 High2021-03-09
CVE-2020-11008 Malicious URLs can still cause Git to send a stored credential to the wrong server — gitCWE-20 4.0 Medium2020-04-21
CVE-2020-5260 malicious URLs may cause Git to present stored credentials to the wrong server — gitCWE-20 9.3 Critical2020-04-14

This page lists every published CVE security advisory associated with git. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.