
4 matches found

RedHat Linux
added 2023/10/19 1:15 p.m., 14 views

GitPython: improper user input validation leads into a RCE

A remote code execution vulnerability exists in Git-python. By injecting a malicious URL into the clone command, an attacker can exploit this vulnerability as the library makes external calls to git without any input sanitization. This issue leads to complete system compromise...

CVSS 9.8, AI score 7.8, EPSS 0.05378
Exploits: 1, References: 5
OSV
added 2023/08/11 9:30 a.m., 4 views

GHSA-PR76-5CM5-W9CJ GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments

GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from, making it vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerabili...

CVSS 9.8, AI score 6, EPSS 0.00984
Exploits: 0, References: 10
OSV
added 2022/12/06 5:15 a.m., 4 views

UBUNTU-CVE-2022-24439

All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...

CVSS 9.8, AI score 7.3, EPSS 0.05378
Exploits: 1, References: 6
OSV
added 2022/12/06 5:15 a.m., 3 views

PYSEC-2022-42992

All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...

CVSS 9.8, AI score 7.3, EPSS 0.05378
Exploits: 1, References: 8