Git
cpe:2.3:a:git:git:*:*:*:*:*:*:*
- <= v2.43.6
- >= v2.44.0, <= v2.44.3
- >= v2.45.0, <= v2.45.3
- >= v2.46.0, <= v2.46.3
- >= v2.47.0, <= v2.47.2
- >= v2.48.0, <= v2.48.1
- <= v2.49.0
- <= v2.50.0
A buffer overflow vulnerability has been identified in the Wincred credential helper of Git. The helper uses a static buffer as a unique key for storing and comparing credentials, but does not check how much space remains in that buffer before appending data to it. Appended data can therefore overflow the buffer, which could be exploited under certain conditions.
A buffer overflow of this kind can cause the program to crash or be exploited to execute arbitrary code.
Users are advised to upgrade to Git versions 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, or 2.50.1. If upgrading is not possible, avoid using the Wincred helper.
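The flaw class described above, appending to a fixed-size key buffer without checking the remaining space, shown next to a bounded form. This is an added illustration, not code from Git or its Wincred helper; the function names, the buffer size and the key layout are assumptions.

```c
#include <stddef.h>
#include <string.h>

#define KEY_CAP 64 /* constructed size, not the helper's real buffer size */

/* Unchecked pattern: overflows key when part does not fit. */
void key_append_unchecked(char *key, const char *part)
{
    strcat(key, part);
}

/* Checked pattern: refuse the append unless part plus its NUL fits. */
int key_append(char *key, size_t cap, const char *part)
{
    const char *end = memchr(key, '\0', cap);
    size_t used, need = strlen(part);

    if (!end)
        return -1; /* key is not terminated inside the buffer */
    used = (size_t)(end - key);
    if (need >= cap - used)
        return -1; /* would write past the end of key */
    memcpy(key + used, part, need + 1);
    return 0;
}

/* Build a lookup key (layout assumed for illustration); 0 on success,
 * -1 when the inputs do not fit, so the caller can reject the request. */
int build_key(char *key, size_t cap, const char *protocol,
              const char *host, const char *path)
{
    if (cap == 0)
        return -1;
    key[0] = '\0';
    if (key_append(key, cap, "git:") || key_append(key, cap, protocol) ||
        key_append(key, cap, "://") || key_append(key, cap, host))
        return -1;
    if (path && (key_append(key, cap, "/") || key_append(key, cap, path)))
        return -1;
    return 0;
}
```

On failure the key stays NUL-terminated inside the buffer, and the caller should treat the request as invalid rather than continue with a truncated key.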