CNNVD-202509-4387 Information
CNNVD ID
CNNVD-202509-4387
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
Informative git prompt for bash and fish是Martin Gondermann个人开发者的一个面向Git用户的bash提示符。 Informative git prompt for bash and fish 2.7.1及之前版本存在安全漏洞,该漏洞源于/tmp/git-index-private$$文件名可预测,可能导致不安全操作。
Description (English)
Informative gift for cash and fish is a bash prompt for Git users by Martin Gondermann’s personal developer. The Informative Grant for cash and fish 2.7.1 and previous versions have a security loophole, which originates in/tmp/git-index-private$$-$-for-prespect, which can lead to unsafe operations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-09-29
Last Modified
2026-02-24
References
https://github.com/magicmonty/bash-git-prompt/issues/561 https://vigilance.fr/vulnerability/bash-git-prompt-file-read-write-via-tmp-git-index-private-48917 https://access.redhat.com/security/cve/cve-2025-61659
Patch
https://github.com/magicmonty/bash-git-prompt/releases
Share on: