CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129
https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc

Configurations

No configuration.

History

15 Jul 2025, 13:24

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-10 15:15

Updated : 2025-07-15 13:24

NVD link : CVE-2025-27614

Mitre link : CVE-2025-27614

CVE.ORG link : CVE-2025-27614

JSON object : View

Products Affected

No product.

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2025-27614", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.8}]}, "published": "2025-07-10T15:15:26.403", "references": [{"url": "https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129", "source": "security-advisories@github.com"}, {"url": "https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the attacker by invoking gitk filename, where filename has a particular structure. The script is run with the privileges of the user. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50."}, {"lang": "es", "value": "Gitk es un explorador de historial de Git basado en Tcl/Tk. A partir de la versi\u00f3n 2.41.0, se puede manipular un repositorio Git de forma que, mediante ingenier\u00eda social, se pueda enga\u00f1ar a un usuario que lo haya clonado para que ejecute cualquier script (p. ej., Bourne Shell, Perl, Python, etc.) proporcionado por el atacante invocando gitk filename, donde filename tiene una estructura espec\u00edfica. El script se ejecuta con los privilegios del usuario. Esta vulnerabilidad est\u00e1 corregida en las versiones 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1 y 2.50."}], "lastModified": "2025-07-15T13:24:41.097", "sourceIdentifier": "security-advisories@github.com"}