Description

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

INFO

Published Date :

2025-07-10T15:09:42.735Z

Last Modified :

2025-11-04T21:10:52.169Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-46835 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-46835.

URL Resource
http://www.openwall.com/lists/oss-security/2025/07/08/4 cve-icon
https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da cve-icon cve-icon cve-icon
https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-46835 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-46835 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact