CVE-2025-46835

ADVISORY - nist

Summary

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

EPSS Score⁠: 0.00016 (0.028)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-88⁠

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.