Lucene search

RedHatRHSA-2024:0190

HistoryJan 16, 2024 - 2:14 p.m.

(RHSA-2024:0190) Moderate: Red Hat OpenStack Platform 17.1 (GitPython) security update

2024-01-1614:14:09

access.redhat.com

red hat openstack

git repositories

security fix

cve-2023-41040

unix

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

22.9%

JSON

GitPython is a python library used to interact with Git repositories.

Security Fix(es):

Blind local file inclusion (CVE-2023-41040)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython3-gitpython< 3.1.14-2.el8ostpython3-GitPython-3.1.14-2.el8ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	noarch	python3-gitpython	< 3.1.14-2.el8ost	python3-GitPython-3.1.14-2.el8ost.noarch.rpm

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

22.9%

JSON

Related for RHSA-2024:0190