pkg:Alpine/git

All known vulnerabilities

• HIGH8.0CVE-2025-48384⚠ KEVGit allows arbitrary code execution through broken config quoting
  from 0, < 2.43.7-r0
• CRITICAL9.8CVE-2022-41903Git is distributed revision control system.
  from 0, < 2.32.5-r0
• CRITICAL9.8git - security update
  from 0, < 2.32.5-r0
• CRITICAL9.8An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6.
  from 0, < 2.22.2-r0
• CRITICAL9.8Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain ca…
  from 0, < 2.13.7-r2
• CRITICAL9.8git - security update
  from 0, < 2.19.1-r0
• CRITICAL9.0Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
  from 0, < 2.39.5-r0
• HIGH8.8Git is an open source, scalable, distributed revision control system.
  from 0, < 2.30.6-r0
• HIGH8.8Cygwin Git is a patch set for the git command line tool for the cygwin environment.
  from 0, < 0
• HIGH8.8A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code…
  from 0, < 2.22.2-r0
• HIGH8.8A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code…
  from 0, < 2.22.2-r0
• HIGH8.8A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code…
  from 0, < 2.22.2-r0
• HIGH8.8A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code…
  from 0, < 2.22.2-r0
• HIGH8.8git - security update
  from 0, < 2.22.2-r0
• HIGH8.8git - security update
  from 0, < 2.14.1-r0
• HIGH8.8git - security update
  from 0, < 2.6.7-r0
• HIGH8.6Git GUI allows you to use the Git source control management tools via a GUI.
  from 0, < 2.43.7-r0
• HIGH8.6Gitk is a Tcl/Tk based Git history browser.
  from 0, < 2.43.7-r0
• HIGH8.5Git GUI allows you to use the Git source control management tools via a GUI.
  from 0, < 2.43.7-r0
• HIGH7.8Git's protections for cloning untrusted repositories can be bypassed
  from 0, < 2.39.5-r0
• HIGH7.8Git vulnerable to Remote Code Execution while cloning special-crafted local repositories
  from 0, < 2.39.5-r0
• HIGH7.8Git is a revision control system.
  from 0, < 2.32.7-r0
• HIGH7.8Git is a distributed revision control system.
  from 0, < 2.30.5-r0
• HIGH7.8git - security update
  from 0, < 2.30.3-r0
• HIGH7.8Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x…
  from 0, < 2.22.2-r0
• HIGH7.8git - security update
  from 0, < 2.17.1-r0
• HIGH7.5Newline confusion in credential helpers can lead to credential exfiltration in git
  from 0, < 2.40.4-r0
• HIGH7.5git - security update
  from 0, < 2.32.7-r0
• HIGH7.5Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2…
  from 0, < 2.32.6-r0
• HIGH7.5In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly.
  from 0, < 0
• HIGH7.5git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected c…
  from 0, < 2.26.3-r1
• HIGH7.5git - security update
  from 0, < 2.22.5-r0
• HIGH7.5git - security update
  from 0, < 2.22.4-r0
• HIGH7.5git - security update
  from 0, < 2.22.3-r0
• HIGH7.5A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vu…
  from 0, < 2.22.2-r0
• HIGH7.5In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check path…
  from 0, < 2.17.1-r0
• HIGH7.1Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory
  from 0, < 2.39.5-r0
• MEDIUM6.3Git allows a buffer overflow in 'wincred' credential helper
  from 0, < 2.43.7-r0
• MEDIUM5.5git - security update
  from 0, < 2.32.6-r0
• MEDIUM5.5Git is an open source, scalable, distributed revision control system.
  from 0, < 2.30.6-r0
• MEDIUM4.7git - security update
  from 0, < 2.40.4-r0
• LOW3.6git - security update
  from 0, < 2.43.7-r0
• LOW3.3Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
  from 0, < 2.39.5-r0
• LOW3.3git - security update
  from 0, < 2.22.2-r0
• LOW2.2In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer.
  from 0, < 2.32.7-r0
• —Git alllows arbitrary file writes via bundle-uri parameter injection
  from 0, < 2.43.7-r0