Lucene search
GoogleOSV:CVE-2023-40267HistoryAug 11, 2023 - 7:15 a.m.
CVE-2023-40267
2023-08-1107:15:09
Google
osv.dev
8
gitpython
before 3.1.32
insecure
clone
options
cve-2023-40267
incomplete fix
cve-2022-24439
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
References
github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd
github.com/gitpython-developers/GitPython/pull/1609
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/
Related
cvelist
cvelist
CVE-2023-40267
2023-08-11 00:00:00
CVE-2022-24439 Remote Code Execution (RCE)
2022-12-06 00:00:00
openvas
openvas
Fedora: Security Advisory for GitPython (FEDORA-2023-26116901d9)
2023-08-25 00:00:00
Debian: Security Advisory (DLA-3502-1)
2023-07-26 00:00:00
Fedora: Security Advisory for GitPython (FEDORA-2023-1ec4e542f9)
2023-08-23 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 : GitPython vulnerability (USN-6326-1)
2023-08-31 00:00:00
Fedora 38 : GitPython (2023-1ec4e542f9)
2023-08-22 00:00:00
Fedora 37 : GitPython (2023-26116901d9)
2023-08-25 00:00:00
prion
prion
Code injection
2023-08-11 07:15:00
Design/Logic Flaw
2022-12-06 05:15:00
gitlab
gitlab
Improper Input Validation
2023-08-11 00:00:00
ubuntucve
ubuntucve
CVE-2023-40267
2023-08-11 00:00:00
CVE-2022-24439
2022-12-06 00:00:00
osv
osv
PYSEC-2023-137
2023-08-11 07:15:00
GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
2023-08-11 09:30:36
python-git - security update
2023-07-25 00:00:00
cve
cve
CVE-2023-40267
2023-08-11 07:15:09
CVE-2022-24439
2022-12-06 05:15:00
veracode
veracode
Remote Code Execution (RCE)
2023-08-14 05:13:15
Remote Code Execution (RCE)
2022-12-11 03:40:58
fedora
fedora
[SECURITY] Fedora 38 Update: GitPython-3.1.32-1.fc38
2023-08-22 17:17:47
[SECURITY] Fedora 37 Update: GitPython-3.1.32-1.fc37
2023-08-25 00:43:08
[SECURITY] Fedora 36 Update: GitPython-3.1.30-1.fc36
2023-01-07 01:14:10
github
github
debiancve
debiancve
CVE-2023-40267
2023-08-11 07:15:09
CVE-2022-24439
2022-12-06 05:15:00
alpinelinux
alpinelinux
CVE-2023-40267
2023-08-11 07:15:09
redhat
redhat
(RHSA-2023:4991) Low: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update
2023-09-06 12:59:39
(RHSA-2023:4971) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-09-05 11:43:37
(RHSA-2023:5931) Important: Satellite 6.13.5 Async Security Update
2023-10-19 12:48:52
redhatcve
redhatcve
CVE-2023-40267
2023-08-22 17:50:49
CVE-2022-24439
2022-12-07 15:01:17
ubuntu
ubuntu
GitPython vulnerability
2023-08-31 00:00:00
GitPython vulnerability
2023-03-22 00:00:00
gentoo
gentoo
GitPython: Code Execution via Crafted Input
2023-11-01 00:00:00
debian
debian
[SECURITY] [DLA 3502-1] python-git security update
2023-07-25 10:13:41
mageia
mageia
Updated python-gitpython packages fix security vulnerability
2023-01-13 20:37:09
rocky
rocky
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57
ibm
ibm