279 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-40590
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after...
TencentOS Server 4: python-GitPython (TSSA-2025:0160)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0160 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: python-GitPython (TSSA-2025:0060)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0060 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
python311-GitPython-3.1.44-1.1 on GA media (moderate)
python311-GitPython-3.1.44-1.1 on GA media. Announcement ID: openSUSE-SU-2025:14858-1. Rating: moderate. Cross-References: CVE-2022-24439. CVSS scores: CVE-2022-24439 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Affected Products: openSUSE Tumbleweed. An update that solves one vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-40267
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-2443...
Linux Distros Unpatched Vulnerability : CVE-2023-41040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in...
CVE-2024-22190
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...
Fedora 37 : GitPython (2022-8146a727a8)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-8146a727a8 advisory. Latest upstream release with fix for CVE-2022-24439. Tenable has extracted the preceding description block directly from the Fedora security advisor...
RHSA-2024:0190 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (GitPython) security update
Bulletin has no description...
RHSA-2024:0215 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (GitPython) security update
Bulletin has no description...
Fedora: Security Advisory (FEDORA-2023-7b78427a7d)
The remote host is missing an update for the...
OPENSUSE-SU-2024:13146-1 python310-GitPython-3.1.32.1689011721.5d45ce2-1.1 on GA media
These are all security issues fixed in the python310-GitPython-3.1.32.1689011721.5d45ce2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13207-1 python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 on GA media
These are all security issues fixed in the python310-GitPython-3.1.34.1693646983.2a2ae77-1.1 package on the GA media of openSUSE Tumbleweed...
ROS-20240611-16
A vulnerability in the gitpython package is related to external git calls without sufficiently cleaning up input arguments. Exploitation of the vulnerability could allow an attacker acting remotely to inject a malicious remote URL into a clone command...
RHEL 7 : gitpython (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GitPython: Insecure non-multi options in clone and clone_from is not blocked CVE-2023-40267 - GitPython is...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:0322)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0322 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
Fedora 40 : GitPython (2023-7b78427a7d)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-7b78427a7d advisory. Automatic update for GitPython-3.1.40-1.fc40. Changelog Thu Nov 9 2023 Carl George - 3.1.40-1 - Update to version 3.1.40, resolves rhbz2221770 - Fix...
RHEL 8 : Red Hat OpenStack Platform 17.1 (GitPython) (RHSA-2024:0190)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0190 advisory. GitPython is a python library used to interact with Git repositories. Security Fixes: Blind local file inclusion CVE-2023-41040 For more details abou...
RHEL 8 : Satellite 6.13.5 Async Security Update (Important) (RHSA-2023:5931)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5931 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4971)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4971 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...