10 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-22190
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted...
Security Bulletin: Vulnerability in GitPython affects IBM Process Mining CVE-2024-22190
Summary There is a vulnerability in GitPython that could allow an remote attacker to execute arbitrary code on the system,. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-22190...
CVE-2024-22190 vulnerabilities
Vulnerabilities for packages: checkov...
agixt (>=1.2.3 <=1.3.155), aicrowd-cli (>=0.1.8 <=0.1.15) +593 more potentially affected by CVE-2024-22190 via gitpython (>=0.3.4 <=3.1.40)
gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.1b0, =0.0.3, =6.1.3, =0.0.3, =0.0.5rc2 - apache-liminal-test-spark =0.0.0 and more Source cves: CVE-2024-22190 Source advisory: OSV:PYSEC-2024-4...
CVE-2024-22190
CVE-2024-22190 (GitPython) affects GitPython, where an incomplete fix for CVE-2023-40590 leaves an untrusted search path risk on Windows when a shell is used to run git or when bash.exe is used to interpret hooks. The issue can allow a malicious git.exe or bash.exe from an untrusted repository to...
CVE-2024-22190
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...
CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...
CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...
CVE-2024-22190
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...
agixt (>=1.2.3 <=1.3.155), aicrowd-cli (>=0.1.8 <=0.1.15) +593 more potentially affected by CVE-2024-22190 via gitpython (>=0.3.4 <=3.1.40)
gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.1b0, =0.0.3, =6.1.3, =0.0.3, =0.0.5rc2 - apache-liminal-test-spark =0.0.0 and more Source cves: CVE-2024-22190 Source advisory: OSV:GHSA-2MQJ-M65W-JGHX...