The US cybersecurity agency CISA has issued a warning about a recently exploited vulnerability in Git, which could lead to remote code execution. Organisations are urged to patch this flaw promptly to prevent potential attacks. #CISA #CVE202548384
Keypoints
- The vulnerability CVE-2025-48384 affects Git on macOS and Linux systems.
- It allows attackers to manipulate submodule paths and execute malicious scripts after checkout.
- Proof-of-concept code has been released, increasing the risk of exploitation.
- Git versions 2.43.7 and later have released patches addressing this security flaw.
- CISA has added the vulnerability to its KEV list, urging immediate patching for federal agencies.
Read More: https://www.securityweek.com/organizations-warned-of-exploited-git-vulnerability/