CVE & CISA-KEV Catalog

CVE-2024-50349

MEDIUM
4.7
CVSS v3
NVD

Description

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.

How to fix

Remediation Available
gitDebian
Fixed in:1:2.30.2-1+deb11u4CVE-2024-50349
Fixed in:1:2.39.5-0+deb12u2CVE-2024-50349
Fixed in:1:2.47.2-0.1CVE-2024-50349
Fixed in:1:2.47.2-0.1CVE-2024-50349
gitRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-allRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-allRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-coreRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-coreRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-core-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-core-docRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-docRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecretRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecretRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecret-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-credential-libsecret-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemonRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-daemonRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemon-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemon-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-debugsourceRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debugsourceRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-emailRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-emailRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-guiRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-guiRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-instawebRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-instawebRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-subtreeRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-subtreeRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-svnRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
git-svnRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitkRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitkRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
gitwebRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitwebRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-GitRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-GitRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-Git-SVNRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-Git-SVNRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.43.5-1.el9_4.3RHSA-2025:19601
gitUbuntu
Fixed in:1:2.7.4-0ubuntu1.10+esm13USN-7964-1
Fixed in:1:2.17.1-1ubuntu0.18+esm6USN-7964-1
Fixed in:1:2.25.1-1ubuntu3.14USN-7207-2
Fixed in:1:2.34.1-1ubuntu1.12USN-7207-1
Fixed in:1:2.43.0-1ubuntu7.2USN-7207-1
GitWindows application
Affected:2.47.0 2.47.2Fixed in:2.47.2The Git Development Community
Affected:2.46.3 2.46.3Fixed in:2.46.3The Git Development Community
Affected:2.45.3 2.45.3Fixed in:2.45.3The Git Development Community
Affected:2.42.0 2.42.4Fixed in:2.42.4The Git Development Community
Affected:2.41.0 2.41.3Fixed in:2.41.3The Git Development Community
Affected:2.43.0 2.43.6Fixed in:2.43.6The Git Development Community
Affected:2.44.3 2.44.3Fixed in:2.44.3The Git Development Community
Affected:2.40.4Fixed in:2.40.4The Git Development Community

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged

Impact

ConfidentialityNone
IntegrityLow
AvailabilityNone

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Exploit Intelligence

0.64%probability of exploitation in 30 days
46thpercentile

Moderate risk: more likely to be exploited than 46% of all known CVEs.

References

Embed a live status badge for CVE-2024-50349
CVE-2024-50349 severity badge

Markdown

[![CVE-2024-50349](https://tridentstack.com/cve/badge/CVE-2024-50349.svg)](https://tridentstack.com/cve/CVE-2024-50349)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-50349"><img src="https://tridentstack.com/cve/badge/CVE-2024-50349.svg" alt="CVE-2024-50349"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-12-18.