
4 matches found

OSV
added 2023/08/26 11:5 a.m. | 1 views

OESA-2023-1529 python-GitPython security update

GitPython is a Python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. Security Fixes: All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inje...

CVSS 9.8 | AI score 7.4 | EPSS 0.68859
Exploits: 1 | References: 3
Github Security Blog
added 2023/08/11 9:30 a.m. | 25 views

GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments

GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from, making it vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerabili...

CVSS 9.8 | AI score 7.4 | EPSS 0.00351
Exploits: 0 | References: 10 | Affected Software: 1
OSV
added 2022/12/06 6:30 a.m. | 2 views

GHSA-HCPJ-QP55-GFPH GitPython vulnerable to Remote Code Execution due to improper user input validation

All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...

CVSS 9.2 | AI score 7.3 | EPSS 0.68859
Exploits: 1 | References: 20
CNVD
added 2015/04/01 12:0 a.m. | 1 views

Mercurial sshpeer '_validaterepo' function arbitrary command execution vulnerability

Mercurial is cross-platform distributed version control software written in Python and developed by Matt Mackall. The software supports the simultaneous processing of plain text and binary files, among others. A security vulnerability exists in the '_validaterepo'...

CVSS 7.5 | AI score 7.5 | EPSS 0.01129
Exploits: 1 | References: 1