CVE-2025-48386: Classic Buffer Overflow in GIT

Severity
6.3 MEDIUM NVD
OSV 3.6
EPSS: 0.0% (top 99.36%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jul 8
Latest update: Jul 10

Description

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with wcsncat(), leading to potential buffer overflows. This vulnerability is fixed i

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Exploitability: 1.8 | Impact: 4.0

Affected Packages (3 packages)

CVEListV5: git/git < 2.43.7 (+7)
Alpine: git/git < 2.43.7-r0 (+4)
Ubuntu: git/git < 1:2.34.1-1ubuntu1.14 (+12)

🔴 Vulnerability Details (5)

OSV: git regression (2025-07-10)
OSV: git regression (2025-07-09)
CVEList: Git allows a buffer overflow in 'wincred' credential helper (2025-07-08)
OSV: git vulnerabilities (2025-07-08)
OSV: CVE-2025-48386: Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full acce (2025-07-08)

📋 Vendor Advisories (6)

Ubuntu: Git regression (2025-07-10)
Ubuntu: Git regression (2025-07-09)
Red Hat: git: Git buffer overflow (2025-07-08)
Ubuntu: Git vulnerabilities (2025-07-08)
Microsoft: GitHub: CVE-2025-48386 Git Credential Helper Vulnerability (2025-07-08)