CVE-2025-46334: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in j6t git-gui
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes the current directory. The mentioned programs are invoked when the user selects Git Bash or Browse Files from the menu. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
AI Analysis
Technical Summary
CVE-2025-46334 is a high-severity OS command injection vulnerability affecting the j6t git-gui tool, a graphical user interface for Git source control management. The root cause lies in the way git-gui invokes certain executables, such as sh.exe or textconv filter programs like astextplain, on Windows systems. Due to a design characteristic of the Tcl scripting language on Windows, the search path for executables always includes the current working directory. This behavior allows a malicious Git repository to include and ship its own versions of these executables within the repository directory. When a user interacts with the git-gui interface by selecting options like Git Bash or Browse Files, the tool inadvertently executes these malicious binaries from the current directory instead of the intended system binaries. This improper neutralization of special elements in OS command execution (CWE-78) enables an attacker to execute arbitrary code with the privileges of the user running git-gui. The vulnerability affects multiple versions of git-gui prior to patched releases 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. The CVSS 3.1 base score is 8.6, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity, no privileges required, but user interaction necessary. Although no known exploits are reported in the wild yet, the vulnerability presents a significant risk due to the common use of git-gui in development environments and the ease with which a malicious repository can be crafted to exploit this flaw.
Potential Impact
For European organizations, this vulnerability poses a serious threat especially to software development teams and any users relying on git-gui on Windows platforms. Successful exploitation could lead to arbitrary code execution, allowing attackers to compromise source code integrity, exfiltrate sensitive intellectual property, or deploy malware within corporate networks. This could disrupt development workflows, lead to supply chain contamination, and potentially impact downstream software products. Confidentiality breaches could expose proprietary code or credentials stored in repositories. Integrity violations might result in backdoored code being committed or deployed. Availability could be affected if attackers deploy ransomware or destructive payloads. Given the widespread adoption of Git and git-gui in European enterprises, including government, finance, and technology sectors, the potential for lateral movement and escalation within networks is significant. The requirement for user interaction (opening a malicious repository and using affected git-gui features) means targeted phishing or social engineering campaigns could facilitate exploitation.
Mitigation Recommendations
European organizations should immediately verify the versions of git-gui deployed across their Windows-based development environments and update to the fixed versions listed (2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, or 2.50.1). Until updates are applied, users should avoid opening untrusted or unknown Git repositories with git-gui, especially avoiding the Git Bash or Browse Files menu options that trigger execution of external binaries. Implement strict repository source validation policies and educate developers about the risks of opening repositories from unverified sources. Employ endpoint protection solutions capable of detecting anomalous execution of binaries from repository directories. Consider restricting execution permissions on repository folders or running git-gui with least privilege principles. Additionally, integrate repository scanning tools that can detect suspicious files such as unexpected executables within repositories. Monitoring and alerting on unusual process executions originating from user directories can help detect exploitation attempts early.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Poland, Italy, Spain
CVE-2025-46334: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in j6t git-gui
Description
Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when looking for an executable always includes the current directory. The mentioned programs are invoked when the user selects Git Bash or Browse Files from the menu. This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
AI-Powered Analysis
Technical Analysis
CVE-2025-46334 is a high-severity OS command injection vulnerability affecting the j6t git-gui tool, a graphical user interface for Git source control management. The root cause lies in the way git-gui invokes certain executables, such as sh.exe or textconv filter programs like astextplain, on Windows systems. Due to a design characteristic of the Tcl scripting language on Windows, the search path for executables always includes the current working directory. This behavior allows a malicious Git repository to include and ship its own versions of these executables within the repository directory. When a user interacts with the git-gui interface by selecting options like Git Bash or Browse Files, the tool inadvertently executes these malicious binaries from the current directory instead of the intended system binaries. This improper neutralization of special elements in OS command execution (CWE-78) enables an attacker to execute arbitrary code with the privileges of the user running git-gui. The vulnerability affects multiple versions of git-gui prior to patched releases 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1. The CVSS 3.1 base score is 8.6, reflecting high impact on confidentiality, integrity, and availability, with low attack complexity, no privileges required, but user interaction necessary. Although no known exploits are reported in the wild yet, the vulnerability presents a significant risk due to the common use of git-gui in development environments and the ease with which a malicious repository can be crafted to exploit this flaw.
Potential Impact
For European organizations, this vulnerability poses a serious threat especially to software development teams and any users relying on git-gui on Windows platforms. Successful exploitation could lead to arbitrary code execution, allowing attackers to compromise source code integrity, exfiltrate sensitive intellectual property, or deploy malware within corporate networks. This could disrupt development workflows, lead to supply chain contamination, and potentially impact downstream software products. Confidentiality breaches could expose proprietary code or credentials stored in repositories. Integrity violations might result in backdoored code being committed or deployed. Availability could be affected if attackers deploy ransomware or destructive payloads. Given the widespread adoption of Git and git-gui in European enterprises, including government, finance, and technology sectors, the potential for lateral movement and escalation within networks is significant. The requirement for user interaction (opening a malicious repository and using affected git-gui features) means targeted phishing or social engineering campaigns could facilitate exploitation.
Mitigation Recommendations
European organizations should immediately verify the versions of git-gui deployed across their Windows-based development environments and update to the fixed versions listed (2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, or 2.50.1). Until updates are applied, users should avoid opening untrusted or unknown Git repositories with git-gui, especially avoiding the Git Bash or Browse Files menu options that trigger execution of external binaries. Implement strict repository source validation policies and educate developers about the risks of opening repositories from unverified sources. Employ endpoint protection solutions capable of detecting anomalous execution of binaries from repository directories. Consider restricting execution permissions on repository folders or running git-gui with least privilege principles. Additionally, integrate repository scanning tools that can detect suspicious files such as unexpected executables within repositories. Monitoring and alerting on unusual process executions originating from user directories can help detect exploitation attempts early.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2025-04-22T22:41:54.911Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 686fd939a83201eaaca86b0c
Added to database: 7/10/2025, 3:16:09 PM
Last enriched: 7/10/2025, 3:31:30 PM
Last updated: 7/10/2025, 10:30:47 PM
Views: 4
Related Threats
CVE-2025-7423: Stack-based Buffer Overflow in Tenda O3V2
HighCVE-2025-7422: Stack-based Buffer Overflow in Tenda O3V2
HighCVE-2025-7421: Stack-based Buffer Overflow in Tenda O3V2
HighCVE-2025-5241: CWE-645 Overly Restrictive Account Lockout Mechanism in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-32MT/ES
MediumCVE-2025-7420: Stack-based Buffer Overflow in Tenda O3V2
HighActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.