git-scm

Top products

The 15 most recently published vulnerabilities affecting git-scm.

• CVE-2025-48384Git allows arbitrary code execution through broken config quotingKEV8.0Jul 8, 2025
• CVE-2024-32465Git's protections for cloning untrusted repositories can be bypassed7.3May 14, 2024
• CVE-2024-32021Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory3.9May 14, 2024
• CVE-2024-32020Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will3.9May 14, 2024
• CVE-2024-32004Git vulnerable to Remote Code Execution while cloning special-crafted local repositories8.1May 14, 2024
• CVE-2023-29007Arbitrary configuration injection via `git submodule deinit`7.0Apr 25, 2023
• CVE-2023-25652"git apply --reject" partially-controlled arbitrary file write7.5Apr 25, 2023
• CVE-2023-23946Git's `git apply` overwriting paths outside the working tree6.2Feb 14, 2023
• CVE-2023-22490Git vulnerable to local clone-based data exfiltration with non-local transports5.5Feb 14, 2023
• CVE-2022-23521gitattributes parsing integer overflow in git9.8Jan 17, 2023
• CVE-2022-41903Integer overflow in `git archive`, `git log --format` leading to RCE in git9.8Jan 17, 2023
• CVE-2022-41953Git clone remote code execution vulnerability in git-for-windows8.6Jan 17, 2023
• CVE-2022-39260Git vulnerable to Remote Code Execution via Heap overflow in `git shell`8.5Oct 19, 2022
• CVE-2022-39253Git subject to exposure of sensitive information via local clone of symbolic links5.5Oct 19, 2022
• CVE-2022-29187Bypass of safe.directory protections in Git7.8Jul 12, 2022