{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","type":"ebuild","namespace":"dev-vcs","name":"git","version":"2.49.1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25443?format=json","vulnerability_id":"VCID-56ch-6gse-jkhu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384","reference_id":"","reference_type":"","scores":[{"value":"0.00603","scoring_system":"epss","scoring_elements":"0.70031","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00603","scoring_system":"epss","scoring_elements":"0.70122","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806","reference_id":"2378806","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9","reference_id":"GHSA-vwqx-4fm8-6qc9","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-26T03:55:23Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11686","reference_id":"RHSA-2025:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11688","reference_id":"RHSA-2025:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11793","reference_id":"RHSA-2025:11793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11794","reference_id":"RHSA-2025:11794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11795","reference_id":"RHSA-2025:11795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11796","reference_id":"RHSA-2025:11796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11800","reference_id":"RHSA-2025:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11801","reference_id":"RHSA-2025:11801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13276","reference_id":"RHSA-2025:13276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13933","reference_id":"RHSA-2025:13933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-48384"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56ch-6gse-jkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97224?format=json","vulnerability_id":"VCID-6eun-uurz-qfbf","summary":"Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes the current directory. The mentioned programs are invoked when the user selects Git Bash or Browse Files from the menu. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46334","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07373","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07413","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46334"},{"reference_url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9","reference_id":"dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:14Z/"}],"url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9"},{"reference_url":"https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx","reference_id":"GHSA-7px4-9hg2-fvhx","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:14Z/"}],"url":"https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-46334"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6eun-uurz-qfbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23406?format=json","vulnerability_id":"VCID-dpuz-daf8-f7h4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10495","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1055","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124","reference_id":"2379124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124"},{"reference_url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_id":"465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5"},{"reference_url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_id":"7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v","reference_id":"GHSA-f3cw-xrj3-wr2v","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-27613"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpuz-daf8-f7h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23407?format=json","vulnerability_id":"VCID-exe3-56nt-2qak","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06538","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06561","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125","reference_id":"2379125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125"},{"reference_url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129","reference_id":"8e3070aa5e331be45d4d03e3be41f84494fce129","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc","reference_id":"GHSA-g4v5-fjv9-mhhc","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-27614"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-exe3-56nt-2qak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25444?format=json","vulnerability_id":"VCID-ju93-9r82-6yg5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48385.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48385","reference_id":"","reference_type":"","scores":[{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40799","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40966","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378808","reference_id":"2378808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378808"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655","reference_id":"GHSA-m98c-vgpc-9655","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-08T18:38:28Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11686","reference_id":"RHSA-2025:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11794","reference_id":"RHSA-2025:11794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11795","reference_id":"RHSA-2025:11795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13276","reference_id":"RHSA-2025:13276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13933","reference_id":"RHSA-2025:13933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15847","reference_id":"RHSA-2025:15847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15847"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-48385"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju93-9r82-6yg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25445?format=json","vulnerability_id":"VCID-n4k5-sb15-sffy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07492","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07525","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807","reference_id":"2378807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr","reference_id":"GHSA-4v56-3xvj-xvfr","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T18:46:25Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-48386"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n4k5-sb15-sffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25395?format=json","vulnerability_id":"VCID-r1py-54z5-s7ey","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.09012","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326","reference_id":"2379326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326"},{"reference_url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_id":"dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da"},{"reference_url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg","reference_id":"GHSA-xfx7-68v4-v8fg","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6011?format=json","purl":"pkg:ebuild/dev-vcs/git@2.49.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}],"aliases":["CVE-2025-46835"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1py-54z5-s7ey"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-vcs/git@2.49.1"}