ByteOS Network

NVD Vulnerability Details :

CVE-2025-46835

Awaiting Analysis

Source-security-advisories@github.com

Published At-10 Jul, 2025 | 15:15

Updated At-04 Nov, 2025 | 22:16

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.5	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Type: Secondary

Version: 3.1

Base score: 8.5

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Weaknesses

CWE ID	Type	Source
CWE-88	Secondary	security-advisories@github.com

CWE ID: CWE-88

Type: Secondary

Source: security-advisories@github.com

References

Hyperlink	Source	Resource
https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da	security-advisories@github.com	N/A
https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg	security-advisories@github.com	N/A
http://www.openwall.com/lists/oss-security/2025/07/08/4	af854a3a-2127-422b-91ae-364da2661108	N/A
https://lists.debian.org/debian-lts-announce/2025/10/msg00003.html	af854a3a-2127-422b-91ae-364da2661108	N/A