PT-2025-28647 · Git+12
Dgl · Published 2025-07-08 · Updated 2026-03-10
CVE-2025-48384
CVSS v3.1: 8.0 (High), vector AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Git versions 2.43.7 through 2.50.1
Description
Git contains a link-following vulnerability caused by inconsistent handling of carriage return (CR) characters in configuration files: Git strips a trailing carriage return when reading a config value but does not quote it when writing one. A crafted submodule path therefore resolves to a different location during submodule initialization, which allows an arbitrary file write and the potential execution of malicious hooks. A malicious repository with a crafted submodule can use this to execute arbitrary code, giving remote code execution (RCE) on Unix-like systems. Exploitation is actively occurring, and a proof-of-concept (PoC) is available. The vulnerability affects Git CLI versions 2.50.0 and earlier on macOS and Linux.
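The inconsistency described above, read-time stripping of a trailing CR that the raw file still contains, can be audited before any submodule is initialized. The following is an added example, not Git's own code: it parses a constructed `.gitmodules` text on `\n` boundaries only, so a `\r` before the newline stays in the raw value, and reports every value where the raw bytes and the stripped value differ.

```python
import re
from typing import List, Tuple

# Constructed sample .gitmodules content (not taken from any real repository):
# the second submodule's path carries a trailing carriage return.
SAMPLE_GITMODULES = (
    '[submodule "clean"]\n'
    '\tpath = clean\n'
    '\turl = https://example.invalid/clean.git\n'
    '[submodule "crafted"]\n'
    '\tpath = crafted\r\n'
    '\turl = https://example.invalid/crafted.git\n'
)

SECTION_RE = re.compile(r'^\[submodule\s+"(?P<name>[^"]+)"\]\s*$')
KEY_RE = re.compile(r'^\s*(?P<key>[A-Za-z][A-Za-z0-9-]*)\s*=\s*(?P<value>.*)$')


def gitmodules_entries(text: str) -> List[Tuple[str, str, str]]:
    """Return (submodule name, key, raw value) triples.
    Splitting on '\\n' only keeps a '\\r' before the newline inside the raw
    value; a plain config read that strips CRLF would silently drop it."""
    entries, section = [], None
    for line in text.split('\n'):
        m = SECTION_RE.match(line)
        if m:
            section = m.group('name')
            continue
        m = KEY_RE.match(line)
        if m and section is not None:
            entries.append((section, m.group('key'), m.group('value')))
    return entries


def find_cr_values(text: str) -> List[Tuple[str, str, str, str]]:
    """Flag values whose raw bytes contain a carriage return.
    Each hit is (submodule, key, raw value, value as a CR-stripping reader sees it)."""
    hits = []
    for section, key, raw in gitmodules_entries(text):
        if '\r' in raw:
            hits.append((section, key, raw, raw.rstrip('\r')))
    return hits


if __name__ == '__main__':
    for section, key, raw, seen in find_cr_values(SAMPLE_GITMODULES):
        print(f'submodule "{section}": {key} raw={raw!r} reads as {seen!r}')
```

Run the check against the raw `.gitmodules` bytes of an untrusted repository before running any submodule initialization; any hit is a value whose on-disk form and read form disagree.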
Recommendations
Update Git to version 2.50.1 or later.
Tags: Exploit, Fix, RCE, Link Following
Affected Products
ALT Linux
AlmaLinux
Astra Linux
CentOS
Debian
Git
Linux Mint
Apple macOS
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu