vulnerability
Rocky Linux: CVE-2025-46835: git (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:P) | Jul 29, 2025 | Feb 5, 2026 | Feb 5, 2026 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:P)
Published
Jul 29, 2025
Added
Feb 5, 2026
Modified
Feb 5, 2026
Description
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Solutions
rocky-upgrade-gitrocky-upgrade-git-corerocky-upgrade-git-core-debuginforocky-upgrade-git-credential-libsecretrocky-upgrade-git-credential-libsecret-debuginforocky-upgrade-git-daemonrocky-upgrade-git-daemon-debuginforocky-upgrade-git-debuginforocky-upgrade-git-debugsourcerocky-upgrade-git-subtree
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.