I. Vulnerability Information
Vulnerability ID: CVE-2025-27613
Affected component: git
Affected component versions: 2.27.0, 2.30.0, 2.33.0, 2.36.1, 2.39.1, 2.41.0, 2.43.0, 2.46.0, 2.48.1
CVSS V3.0 score:
BaseScore: 3.6 Low
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Vulnerability summary:
A vulnerability was found in Microsoft Visual Studio (Programming Tool Software) (affected version not known). It has been classified as problematic. This is going to have an impact on confidentiality, integrity, and availability. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.
Vulnerability disclosure time: 2025-07-10 23:15:26
Vulnerability creation time: 2025-07-11 01:31:49
Vulnerability detail reference link:
https://nvd.nist.gov/vuln/detail/CVE-2025-27613
Vulnerability analysis guide link:
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
Vulnerability data source:
七彩瞬析 open-source risk awareness platform
Vulnerability patch information:
None
II. Vulnerability Analysis Structured Feedback
Impact analysis:
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled before in Gitk's Preferences. This option is disabled by default. The same happens when "Show origin of this line" is used in the main window (regardless of whether "Support per-file encoding" is enabled or not). This vulnerability is fixed in 2.43.7, 2.44.4, 2.45.4, 2.46.4, 2.47.3, 2.48.2, 2.49.1, and 2.50.1.
openEuler score:
3.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Affected version check (affected / not affected):
1. master (2.50.1): affected
2. openEuler-20.03-LTS-SP4 (2.27.0): affected
3. openEuler-22.03-LTS-SP3 (2.33.0): affected
4. openEuler-22.03-LTS-SP4 (2.33.0): affected
5. openEuler-24.03-LTS (2.43.0): affected
6. openEuler-24.03-LTS-Next (2.43.0): affected
7. openEuler-24.03-LTS-SP1 (2.43.0): affected
8. openEuler-24.03-LTS-SP2 (2.43.0): affected
Does the fix involve ABI changes (yes/no):
1. master (2.50.1): no
2. openEuler-20.03-LTS-SP4 (2.27.0): no
3. openEuler-22.03-LTS-SP3 (2.33.0): no
4. openEuler-22.03-LTS-SP4 (2.33.0): no
5. openEuler-24.03-LTS (2.43.0): no
6. openEuler-24.03-LTS-Next (2.43.0): no
7. openEuler-24.03-LTS-SP1 (2.43.0): no
8. openEuler-24.03-LTS-SP2 (2.43.0): no
Reason:
1. master (2.50.1): normal fix
2. openEuler-20.03-LTS-SP4 (2.27.0): normal fix
3. openEuler-22.03-LTS-SP3 (2.33.0): normal fix
4. openEuler-22.03-LTS-SP4 (2.33.0): normal fix
5. openEuler-24.03-LTS (2.43.0): normal fix
6. openEuler-24.03-LTS-Next (2.43.0): normal fix
7. openEuler-24.03-LTS-SP1 (2.43.0): normal fix
8. openEuler-24.03-LTS-SP2 (2.43.0): normal fix
III. Vulnerability Fix
Security advisory link: https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2025-1849