Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-mv93-w799-cj2w
  • PyPI/gitpython
 GitPython: Newline injection in config_writer() section parameter bypasses CVE-2026-42215 patch, enabling RCE via core.hooksPath 08 May
  • Fix available
  • Severity - 7.0 (High)
GHSA-v87r-6q3f-2j67
  • PyPI/gitpython
 GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath 06 May
  • Fix available
  • Severity - 7.8 (High)
GHSA-7545-fcxq-7j24
  • PyPI/gitpython
 GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository 06 May
  • Fix available
  • Severity - 7.8 (High)
GHSA-rpm5-65cw-6hj4
  • PyPI/gitpython
 GitPython has Command Injection via Git options bypass 25 Apr
  • Fix available
  • Severity - 8.8 (High)
GHSA-x2qx-6953-8485
  • PyPI/gitpython
 GitPython: Unsafe option check validates multi_options before shlex.split transformation 25 Apr
  • Fix available
  • Severity - 8.1 (High)
PYSEC-2024-4
  • PyPI/gitpython
  • github.com/gitpython-developers/GitPython
 See record for full details 11 Jan 2024
  • Fix available
  • Severity - 7.8 (High)
GHSA-2mqj-m65w-jghx
  • PyPI/gitpython
 Untrusted search path under some conditions on Windows allows arbitrary code execution 10 Jan 2024
  • Fix available
  • Severity - 8.6 (High)
PYSEC-2023-165
  • PyPI/gitpython
 See record for full details 30 Aug 2023
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-cwvm-v4w8-q58c
  • PyPI/gitpython
 GitPython blind local file inclusion 30 Aug 2023
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-wfm5-v35h-vwf4
  • PyPI/gitpython
 GitPython untrusted search path on Windows systems leading to arbitrary code execution 29 Aug 2023
  • Fix available
  • Severity - 8.6 (High)
PYSEC-2023-161
  • PyPI/gitpython
 See record for full details 28 Aug 2023
  • Fix available
  • Severity - 7.8 (High)
GHSA-pr76-5cm5-w9cj
  • PyPI/gitpython
 GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments 11 Aug 2023
  • Fix available
  • Severity - 9.3 (Critical)
PYSEC-2023-137
  • PyPI/gitpython
  • github.com/gitpython-developers/GitPython
 See record for full details 11 Aug 2023
  • Fix available
GHSA-hcpj-qp55-gfph
  • PyPI/gitpython
 GitPython vulnerable to Remote Code Execution due to improper user input validation 06 Dec 2022
  • Fix available
  • Severity - 9.2 (Critical)
PYSEC-2022-42992
  • PyPI/gitpython
 See record for full details 06 Dec 2022
  • Fix available