Gitpython Security Vulnerabilities and Issues — Gitpython CVE List

Lucene search

Gitpython-developersGitpython

3 matches found

CVE•added 2024/01/11 2:15 a.m.•206 views

CVE-2024-22190

GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run git, as well as when it runs bash.exe to interpret hooks. If either of those features are used on Window...

7.8CVSS7.5AI score0.00325EPSS

CVE•added 2023/08/30 10:15 p.m.•103 views

CVE-2023-41040

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git dire...

6.5CVSS5.3AI score0.00203EPSS

CVE•added 2023/08/28 6:15 p.m.•53 views

CVE-2023-40590

GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git executable...

7.8CVSS7.4AI score0.00325EPSS