HIGH 8.0 CVE-2025-48384 ⚠ KEV Git allows arbitrary code execution through broken config quoting
from 0, < 2.50.1
from 0, < 1.11.0
CRITICAL 9.0 Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
HIGH 8.8 The sideband payload is passed unfiltered to the terminal in git
from 0, < 2.40.5, >= 2.41.0, < 2.41.4, >= 2.42.0, < 2.42.5, >= 2.43.0, < 2.43.7, >= 2.44.0, < 2.44.4, >= 2.45.0, < 2.45.4, >= 2.46.0, < 2.46.4, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.2
HIGH 7.8 Git's protections for cloning untrusted repositories can be bypassed
from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
HIGH 7.8 Git vulnerable to Remote Code Execution while cloning special-crafted local repositories
from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
HIGH 7.5 Newline confusion in credential helpers can lead to credential exfiltration in git
from 0, < 2.40.4, >= 2.41.0, < 2.41.3, >= 2.42.0, < 2.42.4, >= 2.43.0, < 2.43.6, >= 2.44.0, < 2.44.3, >= 2.45.0, < 2.45.3, >= 2.46.0, < 2.46.3, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.1
HIGH 7.5 git - security update
from 0, < 2.17.4, >= 2.22.0, < 2.22.3
HIGH 7.1 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory
from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
MEDIUM 6.3 Git allows a buffer overflow in 'wincred' credential helper
from 0, < 2.50.1
MEDIUM 4.7 git - security update
from 0, < 2.40.4, >= 2.41.0, < 2.41.3, >= 2.42.0, < 2.42.4, >= 2.43.0, < 2.43.6, >= 2.44.0, < 2.44.3, >= 2.45.0, < 2.45.3, >= 2.46.0, < 2.46.3, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.1
LOW 3.3 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
— Git allows arbitrary file writes via bundle-uri parameter injection
from 0, < 2.50.1