3097 matches found
Denial of service
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content...
CVE-2023-3210
Removed by vendor...
USN-6326-1 python-git vulnerability
It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker could possibly use this issue to execute arbitrary commands on the host...
OESA-2023-1529 python-GitPython security update
GitPython is a Python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. Security Fixes: All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inje...
UBUNTU-CVE-2021-40264
NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function in FreeImageTag.cpp...
Ash Allen Design RFID tag of Etekcity 3-in-1 Smart Door Lock security vulnerability
Ash Allen Design RFID tag of Etekcity 3-in-1 Smart Door Lock is a 3-in-1 smart lock from Ash Allen Design. A security vulnerability exists in the Etekcity 3-in-1 Smart Door Lock v1.0 version. An attacker exploiting this vulnerability could create a cloned tag by briefly physically approaching the...
SUSE CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from, making it vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerabili...
GHSA-PR76-5CM5-W9CJ GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from, making it vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerabili...
CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
DEBIAN-CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
UBUNTU-CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
PYSEC-2023-137
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
Code injection
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
PYSEC-2023-137
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
GitPython Security Vulnerabilities
GitPython is a Python library for interacting with Git repositories open-sourced by gitpython-developers. A security vulnerability exists in GitPython versions prior to 3.1.32 that stems from not blocking the unsafe non-multi option in clone and clone_from...
Improper Input Validation
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...
CVE-2023-40267
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...