CVE-2025-46835

CVSS v3.1

8.5

High

Vector

AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions: git in Debian Linux (affected versions not specified)

Description: A flaw exists in Git GUI that allows for the creation and overwriting of arbitrary writable files. This occurs when a user clones an untrusted repository and is subsequently deceived into modifying a file within a maliciously named directory inside the repository.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Argument Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-88

Related Identifiers

ALSA-2025:11462

ALSA-2025:11533

ALSA-2025:11534

ALT-PU-2025-10893

ALT-PU-2025-9420

ALT-PU-2025-9640

BDU:2025-09361

CESA-2025_11534

CVE-2025-46835

DLA-4323-1

ECHO-9190-FA06-2D45

GHSA-XFX7-68V4-V8FG

INFSA-2025_11462

INFSA-2025_11534

OESA-2025-1844

OESA-2025-1845

OESA-2025-1846

OESA-2025-1847

OESA-2025-1848

OESA-2025-1849

OPENSUSE-SU-2025:15337-1

RHSA-2025:11462

RHSA-2025:11533

RHSA-2025:11534

RHSA-2025_11462

RHSA-2025_11534

SUSE-SU-2025:03012-1

SUSE-SU-2025:03022-1

SUSE-SU-2025:03037-1

SUSE-SU-2025:20721-1

SUSE-SU-2025:20855-1

SUSE-SU-2025_03012-1

SUSE-SU-2025_03022-1

SUSE-SU-2025_03037-1

USN-7626-1

USN-7626-2

USN-7626-3

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Git

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2025-46835

Weakness Enumeration

Related Identifiers

Affected Products

References · 130