Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
History

Tue, 26 Aug 2025 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Git-scm
Git-scm git
CPEs cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
Vendors & Products Git-scm
Git-scm git

Mon, 25 Aug 2025 21:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

kev

{'dateAdded': '2025-08-25T00:00:00+00:00', 'dueDate': '2025-09-15T00:00:00+00:00'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00014}

epss

{'score': 0.00019}


Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00016}

epss

{'score': 0.00014}


Wed, 09 Jul 2025 00:30:00 +0000


Tue, 08 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 08 Jul 2025 18:30:00 +0000

Type Values Removed Values Added
Description Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
Title Git allows arbitrary code execution through broken config quoting
Weaknesses CWE-436
CWE-59
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2025-08-26T03:55:22.708Z

Reserved: 2025-05-19T15:46:00.397Z

Link: CVE-2025-48384

cve-icon Vulnrichment

Updated: 2025-07-08T18:35:20.601Z

cve-icon NVD

Status : Analyzed

Published: 2025-07-08T19:15:42.800

Modified: 2025-08-26T14:45:27.957

Link: CVE-2025-48384

cve-icon Redhat

Severity : Important

Publid Date: 2025-07-08T18:23:48Z

Links: CVE-2025-48384 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2025-07-13T21:47:16Z