Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0062

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00316EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-22190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted...

7.8CVSS6.9AI score0.00465EPSS
Exploits1References2
NVD
NVD
added 2024/01/11 2:15 a.m.13 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS7.7AI score0.00316EPSS
Exploits0References3
Prion
Prion
added 2024/01/11 2:15 a.m.25 views

Design/Logic Flaw

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

4.4CVSS7AI score0.00465EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2024/01/11 2:15 a.m.23 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS6.9AI score0.00316EPSS
Exploits0References5
OSV
OSV
added 2024/01/11 2:15 a.m.7 views

PYSEC-2024-4

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS6.9AI score0.00316EPSS
Exploits0References3
PyPA
PyPA
added 2024/01/11 2:15 a.m.7 views

PYSEC-2024-4

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS8.1AI score0.00465EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/11 1:23 a.m.23 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS7.2AI score0.00316EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/11 1:23 a.m.34 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS7.8AI score0.00316EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 1:23 a.m.300 views

CVE-2024-22190

CVE-2024-22190 (GitPython) affects GitPython, where an incomplete fix for CVE-2023-40590 leaves an untrusted search path risk on Windows when a shell is used to run git or when bash.exe is used to interpret hooks. The issue can allow a malicious git.exe or bash.exe from an untrusted repository to...

7.8CVSS7.5AI score0.00316EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/01/11 1:23 a.m.26 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

7.8CVSS7.7AI score0.00316EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/08/30 2:14 a.m.3 views

SUSE CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

7.8CVSS6.9AI score0.00465EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2023/08/29 11:33 p.m.5 views

agixt (>=1.2.3 <=1.3.129), aicrowd-cli (>=0.1.8 <=0.1.15) +540 more potentially affected by CVE-2023-40590 via gitpython (>=0.3.4 <=3.1.32)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40590 Source advisory: OSV:GHSA-WFM5-V35H-VWF4...

7.8CVSS7AI score0.00465EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/08/28 6:15 p.m.5 views

agixt (>=1.2.3 <=1.3.129), aicrowd-cli (>=0.1.8 <=0.1.15) +540 more potentially affected by CVE-2023-40590 via gitpython (>=0.3.4 <=3.1.32)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40590 Source advisory: OSV:PYSEC-2023-161...

7.8CVSS7AI score0.00465EPSS
Exploits1
CVE
CVE
added 2023/08/28 5:24 p.m.79 views

CVE-2023-40590

GitPython (CVE-2023-40590) on Windows can execute a malicious git.exe/git in the current repository when GitPython runs git via a shell or when hooks use bash.exe, enabling arbitrary code execution. A patch exists: GitPython 3.1.41 (and advisories note this incomplete fix was addressed). Mitigati...

7.8CVSS7.4AI score0.00465EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2023/08/28 5:24 p.m.33 views

CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...

7.8CVSS7.4AI score0.00465EPSS
Exploits1
Circl
Circl
added 2023/08/26 7:4 a.m.7 views

CVE-2023-40590

creationtimestamp| type| source ---|---|--- 2023-08-26 07:04:12+00:00| published-proof-of-concept| https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4 2023-08-28 22:16:57+00:00| seen| https://t.me/cibsecurity/69311 2024-01-19 10:29:47+00:00| seen|...

7.8CVSS7.1AI score0.00465EPSS
Exploits1References4
Rows per page
Query Builder