
291 matches found

SUSE CVE
added 2024/01/13 2:43 a.m. | 1 view

SUSE CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 8.2 | EPSS 0.00316
Exploits 0 | References 3

Veracode
added 2024/01/12 6:59 a.m. | 14 views

Arbitrary Code Execution

gitpython is vulnerable to Arbitrary Code Execution. The vulnerability is due to an untrusted shell search path used to run the git executable, as well as when it runs bash.exe to interpret hooks. If either of these is used, a malicious .exe file may be executed from an untrusted repository...

CVSS 7.8 | AI score 6.9 | EPSS 0.00316
Exploits 0 | References 3 | Affected Software 1

NVD
added 2024/01/11 2:15 a.m. | 11 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.7 | EPSS 0.00316
Exploits 0 | References 3

UbuntuCve
added 2024/01/11 2:15 a.m. | 19 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 6.9 | EPSS 0.00316
Exploits 0 | References 5

Prion
added 2024/01/11 2:15 a.m. | 24 views

Design/Logic Flaw

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 4.4 | AI score 7 | EPSS 0.00465
Exploits 1 | References 3 | Affected Software 1

PyPA
added 2024/01/11 2:15 a.m. | 5 views

PYSEC-2024-4

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 8.1 | EPSS 0.00465
Exploits 1 | References 4 | Affected Software 1

vulnersOsv
added 2024/01/11 2:15 a.m. | 4 views

agixt (>=1.2.3 <=1.3.155), aicrowd-cli (>=0.1.8 <=0.1.15) +594 more potentially affected by CVE-2024-22190 via gitpython (>=0.3.4 <=3.1.40)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.1b0, =0.0.3, =6.1.3, =0.0.3, =0.0.5rc2 - apache-liminal-test-spark =0.0.0 and more Source cves: CVE-2024-22190 Source advisory: OSV:PYSEC-2024-4...

CVSS 7.8 | AI score 7.2 | EPSS 0.00316
Exploits 0

OSV
added 2024/01/11 2:15 a.m. | 5 views

UBUNTU-CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7 | EPSS 0.00316
Exploits 0 | References 6

OSV
added 2024/01/11 2:15 a.m. | 5 views

PYSEC-2024-4

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 6.9 | EPSS 0.00316
Exploits 0 | References 3

Vulnrichment
added 2024/01/11 1:23 a.m. | 22 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.2 | EPSS 0.00316
Exploits 0 | References 3

CVE
added 2024/01/11 1:23 a.m. | 293 views

CVE-2024-22190

CVE-2024-22190 (GitPython) affects GitPython, where an incomplete fix for CVE-2023-40590 leaves an untrusted search path risk on Windows when a shell is used to run git or when bash.exe is used to interpret hooks. The issue can allow a malicious git.exe or bash.exe from an untrusted repository to...

CVSS 7.8 | AI score 7.5 | EPSS 0.00316
Exploits 0 | References 3 | Affected Software 1

AlpineLinux
added 2024/01/11 1:23 a.m. | 20 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.3 | EPSS 0.00465
Exploits 1 | References 3

Cvelist
added 2024/01/11 1:23 a.m. | 23 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.8 | EPSS 0.00316
Exploits 0 | References 3

OSV
added 2024/01/11 1:23 a.m. | 26 views

CVE-2024-22190 Untrusted search path under some conditions on Windows allows arbitrary code execution

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.7 | EPSS 0.00316
Exploits 0 | References 5

Debian CVE
added 2024/01/11 1:23 a.m. | 34 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on...

CVSS 7.8 | AI score 7.8 | EPSS 0.00316
Exploits 0

CNNVD
added 2024/01/11 12:0 a.m. | 1 view

GitPython Code Issues Vulnerabilities

GitPython is a Python library for interacting with Git repositories open-sourced by gitpython-developers. A code issue vulnerability exists in GitPython 3.1.40 and earlier versions that stems from allowing an attacker to execute arbitrary code via an untrusted search path...

CVSS 7.8 | AI score 7.7 | EPSS 0.00316
Exploits 0 | References 4

vulnersOsv
added 2024/01/10 3:46 p.m. | 4 views

agixt (>=1.2.3 <=1.3.155), aicrowd-cli (>=0.1.8 <=0.1.15) +594 more potentially affected by CVE-2024-22190 via gitpython (>=0.3.4 <=3.1.40)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.1b0, =0.0.3, =6.1.3, =0.0.3, =0.0.5rc2 - apache-liminal-test-spark =0.0.0 and more Source cves: CVE-2024-22190 Source advisory: OSV:GHSA-2MQJ-M65W-JGHX...

CVSS 7.8 | AI score 7.2 | EPSS 0.00316
Exploits 0

OSV
added 2024/01/10 3:46 p.m. | 2 views

GHSA-2MQJ-M65W-JGHX Untrusted search path under some conditions on Windows allows arbitrary code execution

Summary: This issue exists because of an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on Windows, a malicious git.exe or bash.exe may b...

CVSS 8.6 | AI score 7.4 | EPSS 0.00316
Exploits 0 | References 6

GitHub Security Blog
added 2024/01/10 3:46 p.m. | 22 views

Untrusted search path under some conditions on Windows allows arbitrary code execution

Summary: This issue exists because of an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on Windows, a malicious git.exe or bash.exe may b...

CVSS 7.8 | AI score 8 | EPSS 0.00465
Exploits 1 | References 6 | Affected Software 1

Positive Technologies
added 2024/01/10 12:0 a.m. | 2 views

PT-2024-1236

Name of the Vulnerable Software and Affected Versions: GitPython versions prior to 3.1.41. Description: The issue is related to the use of an untrusted search path in GitPython, a Python library for interacting with Git repositories. This could allow an attacker to execute arbitrary code with elevat...

CVSS 8.6 | AI score 8 | EPSS 0.00316
Exploits 0 | References 19