Skip to content

Jgit CVE-2025-4949 Fix for Java 8

Summary

May you please release the fix for CVE-2025-4949 for Java 8? I see that this was fixed for versions 7 and 6. Unfortunately, I have some projects that cannot be updated to Java 11.

security/cve-assignement#64

Steps to reproduce

Not relevant

What is the current bug behavior?

Not relevant

What is the expected correct behavior?

Not relevant

Relevant logs and/or screenshots

Not relevant

Priority

  • Urgent
  • High
  • Medium
  • Low

Severity

  • Blocker
  • Major
  • Normal
  • Low

Impact

Security impact for Java 8 applications which use JGit version 5.13.x.

Edited by Cristian Sorescu

Copyright © Eclipse Foundation, Inc. All Rights Reserved.     Privacy Policy | Terms of Use | Copyright Agent