Git For Windows Project Git For Windows — known CVE vulnerabilities
Every CVE whose affected-product data names Git For Windows Project Git For Windows, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-23618 — CVSS 8.6 (high): Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on…
CVE-2022-24767 — CVSS 7.8 (high): GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when run under the SYSTEM user account.
CVE-2016-9274 — CVSS 7.8 (high): Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the…
CVE-2023-29011 — CVSS 7.5 (high): Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used…
CVE-2023-22743 — CVSS 7.2 (high): Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL…
CVE-2023-29012 — CVSS 7.2 (high): Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory…
CVE-2023-25815 — CVSS 3.3 (low): In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to…