Количество 11
Количество 11
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
CVE-2025-27613
MITRE: CVE-2025-27613 Gitk Arguments Vulnerability
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when ...
BDU:2025-09364
Уязвимость функций Support per-file encoding() и Show origin of this line() браузера Gitk, позволяющая нарушителю получить несанкционированный доступ на создание и удаление файлов пользователя
RLSA-2025:11534
Important: git security update
ELSA-2025-11534
ELSA-2025-11534: git security update (IMPORTANT)
ELSA-2025-11533
ELSA-2025-11533: git security update (IMPORTANT)
ELSA-2025-11462
ELSA-2025-11462: git security update (IMPORTANT)
ROS-20250807-04
Множественные уязвимости git
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-27613 Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. | CVSS3: 3.6 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-27613 Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. | CVSS3: 4.3 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-27613 Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. | CVSS3: 3.6 | 0% Низкий | около 1 месяца назад |
 | CVE-2025-27613 MITRE: CVE-2025-27613 Gitk Arguments Vulnerability | 0% Низкий | около 1 месяца назад | |
| CVE-2025-27613 Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when ... | CVSS3: 3.6 | 0% Низкий | около 1 месяца назад |
 | BDU:2025-09364 Уязвимость функций Support per-file encoding() и Show origin of this line() браузера Gitk, позволяющая нарушителю получить несанкционированный доступ на создание и удаление файлов пользователя | CVSS3: 3.6 | 0% Низкий | около 1 месяца назад |
 | RLSA-2025:11534 Important: git security update | 12 дней назад | ||
| ELSA-2025-11534 ELSA-2025-11534: git security update (IMPORTANT) | 20 дней назад | ||
| ELSA-2025-11533 ELSA-2025-11533: git security update (IMPORTANT) | 20 дней назад | ||
| ELSA-2025-11462 ELSA-2025-11462: git security update (IMPORTANT) | 21 день назад | ||
 | ROS-20250807-04 Множественные уязвимости git | CVSS3: 8.6 | 4 дня назад |
Уязвимостей на страницу