24 matches found
CVE-2026-40590
FreeScout prior to 1.8.214 exposes a Change Customer flow (POST /customers/ajax, action=create) in the Change Customer modal. The endpoint skips unique-email validation under limited visibility, and if the provided email matches a hidden existing customer, Customer::create() reuses that hidden cu...
EUVD-2024-0062
Malicious code in bioql PyPI...
EUVD-2022-40590
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-22190
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - GitPython is a Python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted...
CVE-2024-40590
An improper certificate validation vulnerability CWE-295 in FortiPortal version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, version 6.0.15 and below when connecting to a FortiManager device, a FortiAnalyzer device, or an SMTP server may allow an unauthenticated attacker in a...
CVE-2024-40590
CVE-2024-40590 describes an improper certificate validation (CWE-295) in FortiPortal. Affected are FortiPortal versions 7.4.0, 7.2.4 and below, 7.0.8 and below, and 6.0.15 and below when connecting to a FortiManager device, FortiAnalyzer device, or an SMTP server. This allows an unauthenticated a...
CVE-2024-40590

creationtimestamp | type | source
---|---|---
2024-11-13 14:12:43+00:00 | seen | https://infosec.exchange/users/screaminggoat/statuses/113476053415922211
2025-03-14 16:42:25+00:00 | seen | https://t.me/cvedetector/20295
2025-03-14 16:46:11+00:00 | seen | ...

CVE-2024-22190
GitPython is a Python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features is used on...
PYSEC-2024-4
GitPython is a Python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features is used on...
Design/Logic Flaw
GitPython is a Python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features is used on...
CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution
GitPython is a Python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features is used on...
CVE-2024-22190
CVE-2024-22190 affects GitPython, where an incomplete fix for CVE-2023-40590 leaves an untrusted search path risk on Windows when a shell is used to run git or when bash.exe is used to interpret hooks. The issue can allow a malicious git.exe or bash.exe from an untrusted repository to...
SUSE CVE-2023-40590
GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows look in the current working directory, and after that in the PATH environment. GitPython defaults to using the git command; if a user runs GitPython from a repo that has a git.exe or git...
agixt (>=1.2.3 <=1.3.129), aicrowd-cli (>=0.1.8 <=0.1.15) +541 more potentially affected by CVE-2023-40590 via gitpython (>=0.3.4 <=3.1.32)
gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40590 Source advisory: OSV:GHSA-WFM5-V35H-VWF4...
agixt (>=1.2.3 <=1.3.129), aicrowd-cli (>=0.1.8 <=0.1.15) +541 more potentially affected by CVE-2023-40590 via gitpython (>=0.3.4 <=3.1.32)
gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40590 Source advisory: OSV:PYSEC-2023-161...