J6T Gitk vulnerabilities
2 known vulnerabilities affecting j6t/gitk.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 1, LOW 1
Vulnerabilities
CVE-2025-27614 | HIGH | CVSS 8.6 | CWE-78 | versions >= 2.41.0, < 2.43.7; >= 2.44.0, < 2.44.4; +6 more | 2025-07-10
Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structur
nvd
CVE-2025-27613 | LOW | CVSS 3.6 | CWE-78 | versions >= 1.7.0, < 2.43.7; >= 2.44.0, < 2.44.4; +6 more | 2025-07-10
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled before in Gitk's Preferences. This option is disabled by de
nvd