debian · CVE-2022-24975

Quick triage

Priority: unimportant Published: Updated: Mon, 13 Jul 2026 06:39:44 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-24975 unimportant priority: Debian including 1 source packages (git), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 5.

Description:

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk.

cvelogic Threat Intelligence