PT-2023-5950 · Git · Git

Ycdxsb · Published 2023-02-14 · Updated 2023-03-14 · CVE-2023-23618

CVSS v3.1: 8.6 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Git for Windows versions prior to 2.39.2

Description: The issue is related to the execution of untrusted code when gitk is run on Windows. This can be exploited through social engineering to trick users into running untrusted code. The problem arises because gitk potentially runs executables from the current directory inadvertently.

Recommendations: For versions prior to 2.39.2, update to version 2.39.2 to resolve the issue. As a temporary workaround, avoid using gitk (or Git GUI's "Visualize History" functionality) in clones of untrusted repositories.

Weakness Enumeration: Untrusted Search Path

Related Identifiers

BDU:2023-06648
CVE-2023-23618
GHSA-WXWV-49QW-35PM

Affected Products

Git