CVE-2025-46835

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-46835

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-46835.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-46835

Downstream

ALPINE-CVE-2025-46835

BELL-CVE-2025-46835

DEBIAN-CVE-2025-46835

DLA-4323-1

OESA-2025-1844

OESA-2025-1845

OESA-2025-1846

OESA-2025-1847

OESA-2025-1848

OESA-2025-1849

RHSA-2025:11462

RHSA-2025:11533

RHSA-2025:11534

RLSA-2025:11462

RLSA-2025:11534

SUSE-SU-2025:03012-1

SUSE-SU-2025:03022-1

UBUNTU-CVE-2025-46835

USN-7626-1

openSUSE-SU-2025:15337-1

Related

Published

2025-07-10T15:15:29Z

Modified

2025-09-06T13:01:48Z

Summary

[none]

Details

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

References

Affected packages