REDHAT-BUG-2379326
Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user has write permission. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
Frequently Asked Questions
What is the severity of REDHAT-BUG-2379326?
The severity of REDHAT-BUG-2379326 is considered medium due to the potential risk of arbitrary file overwriting.
How do I fix REDHAT-BUG-2379326?
To fix REDHAT-BUG-2379326, users should update Git GUI to one of the fixed releases (2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, or 2.50.1) or to a later version.
What versions are affected by REDHAT-BUG-2379326?
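Git GUI releases that predate the fixed version on their release branch are affected, up to and including 2.50.0. The fixed versions are 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1, so 2.43.7 itself already contains the fix.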
What can happen if I don't address REDHAT-BUG-2379326?
If REDHAT-BUG-2379326 is not addressed, untrusted repositories could lead to unintentional file modifications or data loss.
Who is affected by REDHAT-BUG-2379326?
Users who clone untrusted repositories with a Git GUI version that predates the fixed releases listed above, up to and including 2.50.0, are affected by REDHAT-BUG-2379326.
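Because the fix was backported to several release branches, a single "lower than X" comparison misclassifies hosts. The following check is an added example, not code from the advisory or from the Git project. It assumes that Git GUI carries the same version number as the `git --version` output it ships with, that branches newer than 2.50 include the fix, and that branches older than 2.43 (for which the advisory lists no fixed release) are affected; the host names and inventory are constructed.

```python
import re

# Fixed releases from the advisory text, keyed by (major, minor) release branch.
FIXED_PATCH = {
    (2, 43): 7, (2, 44): 4, (2, 45): 4, (2, 46): 4,
    (2, 47): 3, (2, 48): 2, (2, 49): 1, (2, 50): 1,
}

def parse_version(text):
    """Extract (major, minor, patch) from strings such as
    'git version 2.47.2.windows.1'; a missing patch level counts as 0."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if m is None:
        raise ValueError(f"no version number in {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)

def status(version_text):
    """Return 'fixed' or 'affected' for one version string."""
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch in FIXED_PATCH:
        return "fixed" if patch >= FIXED_PATCH[branch] else "affected"
    if branch < min(FIXED_PATCH):
        # Assumption: no fixed release is listed for these older branches.
        return "affected"
    # Assumption: branches after 2.50 were cut with the fix included.
    return "fixed"

def triage(inventory):
    """Return the sorted host names whose reported version is affected."""
    return sorted(h for h, v in inventory.items() if status(v) == "affected")

# Constructed inventory: host name -> output of `git --version`.
SAMPLE_INVENTORY = {
    "build-01": "git version 2.43.7",            # first fixed 2.43.x release
    "dev-laptop-07": "git version 2.47.2.windows.1",
    "ci-runner-3": "git version 2.50.0",
    "jump-host": "git version 2.39.5",
    "workstation-12": "git version 2.50.1",
}

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: update Git GUI ({SAMPLE_INVENTORY[host]})")
```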