GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.

OSVersionArchitecturePackageVersionFilename
Alpine3.18-communitynoarchpy3-gitpython= 3.1.31-r1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	3.18-community	noarch	py3-gitpython	= 3.1.31-r1	UNKNOWN

openvas 8

cvelist 2

prion 2

osv 9

nessus 14

gitlab 2

ubuntucve 2

github 2

debiancve 2

fedora 4

nvd 2

cve 2

veracode 2

redhatcve 2

redos 2

redhat 4

ubuntu 2

gentoo 1

debian 1

mageia 1

rocky 1

ibm 1

openvas

Fedora: Security Advisory for GitPython (FEDORA-2023-26116901d9)

2023-08-25 00:00:00

Fedora: Security Advisory for GitPython (FEDORA-2023-1ec4e542f9)

2023-08-23 00:00:00

Debian: Security Advisory (DLA-3502-1)

2023-07-26 00:00:00

cvelist

CVE-2023-40267

2023-08-11 00:00:00

CVE-2022-24439 Remote Code Execution (RCE)

2022-12-06 00:00:00

prion

Code injection

2023-08-11 07:15:00

Design/Logic Flaw

2022-12-06 05:15:00

osv

PYSEC-2023-137

2023-08-11 07:15:00

GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments

2023-08-11 09:30:36

CVE-2023-40267

2023-08-11 07:15:09

nessus

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 : GitPython vulnerability (USN-6326-1)

2023-08-31 00:00:00

Fedora 37 : GitPython (2023-26116901d9)

2023-08-25 00:00:00

Fedora 38 : GitPython (2023-1ec4e542f9)

2023-08-22 00:00:00

gitlab

Improper Input Validation

2023-08-11 00:00:00

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

2022-12-06 00:00:00

ubuntucve

CVE-2023-40267

2023-08-11 00:00:00

CVE-2022-24439

2022-12-06 00:00:00

github

GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments

2023-08-11 09:30:36

GitPython vulnerable to Remote Code Execution due to improper user input validation

2022-12-06 06:30:17

debiancve

CVE-2023-40267

2023-08-11 07:15:09

CVE-2022-24439

2022-12-06 05:15:11

fedora

[SECURITY] Fedora 38 Update: GitPython-3.1.32-1.fc38

2023-08-22 17:17:47

[SECURITY] Fedora 37 Update: GitPython-3.1.32-1.fc37

2023-08-25 00:43:08

[SECURITY] Fedora 37 Update: GitPython-3.1.30-1.fc37

2023-01-04 01:25:25

nvd

CVE-2023-40267

2023-08-11 07:15:09

CVE-2022-24439

2022-12-06 05:15:11

cve

CVE-2023-40267

2023-08-11 07:15:09

CVE-2022-24439

2022-12-06 05:15:11

veracode

Remote Code Execution (RCE)

2023-08-14 05:13:15

Remote Code Execution (RCE)

2022-12-11 03:40:58

redhatcve

CVE-2023-40267

2023-08-22 17:50:49

CVE-2022-24439

2022-12-07 15:01:17

redos

ROS-20240611-13

2024-06-11 00:00:00

ROS-20240611-16

2024-06-11 00:00:00

redhat

(RHSA-2023:4991) Low: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update

2023-09-06 12:59:39

(RHSA-2023:4971) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

2023-09-05 11:43:37

(RHSA-2023:5931) Important: Satellite 6.13.5 Async Security Update

2023-10-19 12:48:52

ubuntu

GitPython vulnerability

2023-08-31 00:00:00

GitPython vulnerability

2023-03-22 00:00:00

gentoo

GitPython: Code Execution via Crafted Input

2023-11-01 00:00:00

debian

[SECURITY] [DLA 3502-1] python-git security update

2023-07-25 10:13:20

mageia

Updated python-gitpython packages fix security vulnerability

2023-01-13 20:37:09

rocky

Satellite 6.14 security and bug fix update

2023-11-11 22:58:57

ibm

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management

2024-02-28 21:45:52

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.011 Low

EPSS

Percentile

84.1%

JSON

Related for ALPINE:CVE-2023-40267