{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","type":"apk","namespace":"alpine","name":"git","version":"2.50.1-r0","qualifiers":{"arch":"armv7","distroversion":"v3.23","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20223?format=json","vulnerability_id":"VCID-3ujn-jxp6-47bv","summary":"git: Git arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384","reference_id":"","reference_type":"","scores":[{"value":"0.00603","scoring_system":"epss","scoring_elements":"0.69866","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806","reference_id":"2378806","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9","reference_id":"GHSA-vwqx-4fm8-6qc9","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-26T03:55:23Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11686","reference_id":"RHSA-2025:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11688","reference_id":"RHSA-2025:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11793","reference_id":"RHSA-2025:11793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11794","reference_id":"RHSA-2025:11794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11795","reference_id":"RHSA-2025:11795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11796","reference_id":"RHSA-2025:11796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11800","reference_id":"RHSA-2025:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11801","reference_id":"RHSA-2025:11801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13276","reference_id":"RHSA-2025:13276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13933","reference_id":"RHSA-2025:13933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2025-48384"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ujn-jxp6-47bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20236?format=json","vulnerability_id":"VCID-4gm4-qnst-r3eg","summary":"gitk: Git file creation flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13709","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124","reference_id":"2379124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124"},{"reference_url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_id":"465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5"},{"reference_url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_id":"7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v","reference_id":"GHSA-f3cw-xrj3-wr2v","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2025-27613"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gm4-qnst-r3eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19933?format=json","vulnerability_id":"VCID-axfs-fyhn-fyds","summary":"git: Git GUI can create and overwrite files for which the user has write permission","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11601","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326","reference_id":"2379326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326"},{"reference_url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_id":"dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da"},{"reference_url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg","reference_id":"GHSA-xfx7-68v4-v8fg","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2025-46835"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-axfs-fyhn-fyds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20235?format=json","vulnerability_id":"VCID-pe7z-9kqy-hken","summary":"git: Git buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07599","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807","reference_id":"2378807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr","reference_id":"GHSA-4v56-3xvj-xvfr","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T18:46:25Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2025-48386"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pe7z-9kqy-hken"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20238?format=json","vulnerability_id":"VCID-vyga-trqb-23fb","summary":"gitk: git script execution flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08665","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125","reference_id":"2379125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125"},{"reference_url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129","reference_id":"8e3070aa5e331be45d4d03e3be41f84494fce129","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc","reference_id":"GHSA-g4v5-fjv9-mhhc","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/206345?format=json","purl":"pkg:apk/alpine/git@2.50.1-r0?arch=armv7&distroversion=v3.23&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}],"aliases":["CVE-2025-27614"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vyga-trqb-23fb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/git@2.50.1-r0%3Farch=armv7&distroversion=v3.23&reponame=main"}