Git-lfs Git-lfs
4 CVEs affecting Git-lfs Git-lfs. Latest disclosed: 2025-10-17. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-24826 | Critical | 9.8 | 2022-04-20 | On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..e… |
CVE-2021-21237 | High | 7.2 | 2021-01-15 | Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file… |
CVE-2025-26625 | | 2025-10-17 | Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the conten… | |
CVE-2024-53263 | | 2025-01-14 | Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to th… |