Lucene search
+L

15 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2023-40267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-2443...

9.8CVSS7.3AI score0.00984EPSS
Exploits0References2
nessus
nessus
added 2024/05/11 12:0 a.m.36 views

RHEL 7 : gitpython (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GitPython: Insecure non-multi options in clone and clonefrom is not blocked CVE-2023-40267 - GitPython is...

8.4AI score0.01012EPSS
Exploits1References2
nessus
nessus
added 2024/04/28 12:0 a.m.28 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4971)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4971 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...

9.8CVSS6.9AI score0.01301EPSS
Exploits1References7
nessus
nessus
added 2024/04/28 12:0 a.m.28 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Low) (RHSA-2023:4991)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:4991 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

9.8CVSS7.9AI score0.00984EPSS
Exploits0References5
openvas
openvas
added 2023/09/01 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-6326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.00984EPSS
Exploits0References2
nessus
nessus
added 2023/08/31 12:0 a.m.32 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 : GitPython vulnerability (USN-6326-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6326-1 advisory. It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker cou...

9.8CVSS8.5AI score0.00984EPSS
Exploits0References2
nessus
nessus
added 2023/08/22 12:0 a.m.37 views

Fedora 38 : GitPython (2023-1ec4e542f9)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1ec4e542f9 advisory. New upstream release fixing CVE-2022-24439. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

9.8CVSS8.2AI score0.05378EPSS
Exploits1References3
circl
circl
added 2023/08/11 2:46 p.m.9 views

CVE-2023-40267

creationtimestamp| type| source ---|---|--- 2023-08-11 14:46:53+00:00| seen| https://t.me/cibsecurity/68331...

9.8CVSS8.5AI score0.00984EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2023/08/11 9:30 a.m.4 views

agixt (>=1.2.3 <=1.3.89), aicrowd-cli (>=0.1.8 <=0.1.15) +524 more potentially affected by CVE-2023-40267 via gitpython (>=0.3.4 <=3.1.31)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40267 Source advisory: OSV:GHSA-PR76-5CM5-W9CJ...

9.8CVSS7.7AI score0.00984EPSS
Exploits0
vulnersosv
vulnersosv
added 2023/08/11 7:15 a.m.5 views

agixt (>=1.2.3 <=1.3.89), aicrowd-cli (>=0.1.8 <=0.1.15) +524 more potentially affected by CVE-2023-40267 via gitpython (>=0.3.4 <=3.1.31)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.3, =6.1.3, =0.0.3, =0.0.0, =2.0.0 and more Source cves: CVE-2023-40267 Source advisory: OSV:PYSEC-2023-137...

9.8CVSS7.7AI score0.00984EPSS
Exploits0
cve
cve
added 2023/08/11 12:0 a.m.340 views

CVE-2023-40267

GitPython vulnerability CVE-2023-40267 affects versions before 3.1.32, where insecure non-multi options in clone and clone_from are not blocked. This arises as a follow-up to an incomplete fix for CVE-2022-24439. The issue enables Remote Code Execution via crafted or insecure remote URLs used in ...

9.8CVSS9.4AI score0.00984EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2023/08/11 12:0 a.m.56 views

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

9.8AI score0.00984EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2023/08/11 12:0 a.m.106 views

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

9.8CVSS7.1AI score0.00984EPSS
Exploits0References5
osv
osv
added 2023/08/11 12:0 a.m.47 views

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

9.8CVSS7.3AI score0.00984EPSS
Exploits0References7
alpinelinux
alpinelinux
added 2023/08/11 12:0 a.m.48 views

CVE-2023-40267

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439...

9.8CVSS9.2AI score0.05378EPSS
Exploits1References5
Rows per page
Query Builder