CVE-2025-27613

| EUVD-2025-21005 LOW
2025-07-10 [email protected]
3.6
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

4
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 16, 2026 - 06:52 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 06:52 euvd
EUVD-2025-21005
CVE Published
Jul 10, 2025 - 15:15 nvd
LOW 3.6

Tags

Command Injection Ubuntu Debian

Description

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Analysis

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when Show origin of this line is used in the main window (regardless of whether Support per-file encoding is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.

Technical Context

Command injection allows an attacker to execute arbitrary OS commands on the host system through a vulnerable application that passes user input to system shells. This vulnerability is classified as OS Command Injection (CWE-78).

Remediation

Avoid passing user input to system commands. Use language-specific APIs instead of shell commands. If unavoidable, use strict input validation and escaping.

Priority Score

18
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +18
POC: 0

Vendor Status

Ubuntu

Priority: Medium
git
Release Status Version
noble released 1:2.43.0-1ubuntu7.3
oracular released 1:2.45.2-1ubuntu1.2
plucky released 1:2.48.1-0ubuntu1.1
upstream released 2.43.7
bionic released 1:2.17.1-1ubuntu0.18+esm4
focal released 1:2.25.1-1ubuntu3.14+esm3
jammy released 1:2.34.1-1ubuntu1.15
xenial released 1:2.7.4-0ubuntu1.10+esm11
USN-7626-1

Debian

Bug #1108983
git
Release Status Fixed Version Urgency
bullseye fixed 1:2.30.2-1+deb11u5 -
bullseye (security) fixed 1:2.30.2-1+deb11u5 -
bookworm vulnerable 1:2.39.5-0+deb12u3 -
bookworm (security) vulnerable 1:2.39.5-0+deb12u2 -
trixie fixed 1:2.47.3-0+deb13u1 -
forky fixed 1:2.51.0-1 -
sid fixed 1:2.53.0-1 -
(unstable) fixed 1:2.50.1-0.1 -
DLA-4323-1

Share

CVE-2025-27613 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy