Medium severity6.8OSV Advisory· Published Sep 29, 2025· Updated Apr 15, 2026
CVE-2025-61659
CVE-2025-61659
Description
bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
42.6.1, 2.6.2, 2.6.3, …+ 1 more
- (no CPE)range: 2.6.1, 2.6.2, 2.6.3, …
- (no CPE)range: >=2.6.1 <=2.7.1
- osv-coords2 versionspkg:rpm/opensuse/bash-git-prompt&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/bash-git-prompt&distro=openSUSE%20Tumbleweed
< 2.7.1-bp160.2.1+ 1 more
- (no CPE)range: < 2.7.1-bp160.2.1
- (no CPE)range: < 2.7.1-4.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.