Git-lfs Git-lfs

4 CVEs affecting Git-lfs Git-lfs. Latest disclosed: 2025-10-17. Critical: 1, High: 1.

Top CVEs affecting Git-lfs Git-lfs
CVESeverityScorePublishedSummary
CVE-2022-24826Critical9.82022-04-20On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe`, and `git.exe` is not found in `PATH`, the `..e…
CVE-2021-21237High7.22021-01-15Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file…
CVE-2025-266252025-10-17Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the conten…
CVE-2024-532632025-01-14Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to th…