CVE & CISA-KEV Catalog

CVE-2025-27613

LOW
3.6
CVSS v3
NVD

Description

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

How to fix

Remediation Available
gitDebian
Fixed in:1:2.30.2-1+deb11u5CVE-2025-27613
Fixed in:1:2.39.5-0+deb12u3CVE-2025-27613
Fixed in:1:2.47.3-0+deb13u1CVE-2025-27613
Fixed in:1:2.50.1-0.1CVE-2025-27613
gitRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-allRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-allRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-coreRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-coreRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-docRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-core-docRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecretRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecretRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecret-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-credential-libsecret-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemonRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemonRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemon-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-daemon-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debuginfoRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debuginfoRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debugsourceRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-debugsourceRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-emailRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-emailRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-guiRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-guiRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-instawebRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-instawebRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-subtreeRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-subtreeRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-svnRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
git-svnRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitkRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitkRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitwebRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitwebRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-GitRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-GitRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-Git-SVNRed Hat / RHEL
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
perl-Git-SVNRocky
Fixed in:0:2.47.3-1.el10_0RHSA-2025:11533
Fixed in:0:2.43.7-1.el8_10RHSA-2025:11534
Fixed in:0:2.47.3-1.el9_6RHSA-2025:11462
gitUbuntu
Fixed in:1:2.7.4-0ubuntu1.10+esm9USN-7626-1
Fixed in:1:2.17.1-1ubuntu0.18+esm2USN-7626-1
Fixed in:1:2.25.1-1ubuntu3.14+esm1USN-7626-1
Fixed in:1:2.34.1-1ubuntu1.13USN-7626-1
Fixed in:1:2.43.0-1ubuntu7.3USN-7626-1
git-guiUbuntu
Fixed in:1:2.7.4-0ubuntu1.10+esm9USN-7626-1
Fixed in:1:2.17.1-1ubuntu0.18+esm2USN-7626-1
Fixed in:1:2.25.1-1ubuntu3.14+esm1USN-7626-1
Fixed in:1:2.34.1-1ubuntu1.13USN-7626-1
Fixed in:1:2.43.0-1ubuntu7.3USN-7626-1
gitkUbuntu
Fixed in:1:2.7.4-0ubuntu1.10+esm9USN-7626-1
Fixed in:1:2.17.1-1ubuntu0.18+esm2USN-7626-1
Fixed in:1:2.25.1-1ubuntu3.14+esm1USN-7626-1
Fixed in:1:2.34.1-1ubuntu1.13USN-7626-1
Fixed in:1:2.43.0-1ubuntu7.3USN-7626-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged

Impact

ConfidentialityNone
IntegrityLow
AvailabilityNone

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Exploit Intelligence

0.29%probability of exploitation in 30 days
21stpercentile

Low risk: more likely to be exploited than 21% of all known CVEs.

References

Related Vulnerabilities

Other CWE-78 (OS Command Injection) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2021-1498Critical9.8100%KEVFix
CVE-2014-6271Critical9.8100%KEVFix
CVE-2019-16920Critical9.8100%KEV-
CVE-2022-44877Critical9.8100%KEVFix
CVE-2020-8515Critical9.8100%KEV-
CVE-2020-9054Critical9.8100%KEVFix
Embed a live status badge for CVE-2025-27613
CVE-2025-27613 severity badge

Markdown

[![CVE-2025-27613](https://tridentstack.com/cve/badge/CVE-2025-27613.svg)](https://tridentstack.com/cve/CVE-2025-27613)

HTML

<a href="https://tridentstack.com/cve/CVE-2025-27613"><img src="https://tridentstack.com/cve/badge/CVE-2025-27613.svg" alt="CVE-2025-27613"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-04.