Main Vulnerability Database SB2025051343

SB2025051343 - Red Hat Enterprise Linux 9 update for git

Published: May 13, 2025

Security Bulletin ID SB2025051343

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Encoding or Escaping of Output (CVE-ID: CVE-2024-52005)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper input validation when handling ANSI escape sequences in messages passed via sideband channel. A remote attacker can pass specially crafted messages to the terminal and potentially execute untrusted scripts.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2025:7409