SA-2025-076 - Ubuntu GIT Vulnerabilities (CVE-2025... - Extreme Networks - 120219

Summary

A vulnerability in Git allows for protocol injection during the clone process when bundle URIs are enabled. Due to insufficient validation of advertised bundles, a malicious remote server can trick the Git client into writing fetched bundles to an attacker-controlled location. This can potentially result in arbitrary code execution. USN-7626-1

Impact Details

OS/Product	Exposure
ExtremeCloud IQ - Site Engine (XIQ-SE)	Yes

Repair Recommendations

ExtremeCloud IQ - Site Engine (XIQ-SE):

Fixed in 25.8.10 or later

Please see the full Security Advisory here for more details and future updates.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Popular Articles

SA-2023-047 - Framing Frames: Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Leaking fr

SA-2023-107 - libcurl cookie injection with none file (CVE-2023-38546)

SA-2023-106 - SOCKS5 heap buffer overflow (CVE-2023-38545)

GTM-P2G8KFN