CVE-2023-41040

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-41040

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41040.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-41040

Aliases

Related

Published

2023-08-30T22:15:09Z

Modified

2024-09-22T00:53:53.488464Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator

Summary

[none]

Details

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has been addressed in version 3.1.37.

References

Affected packages

Debian:11 / python-git

Package

Name: python-git
Purl: pkg:deb/debian/python-git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.14-1

3.1.23-1

3.1.24-1

3.1.27-1

3.1.30-1

3.1.36-1

3.1.37-1

3.1.37-2

3.1.37-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / python-git

Package

Name: python-git
Purl: pkg:deb/debian/python-git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.30-1+deb12u2

Affected versions

3.*

3.1.30-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / python-git

Package

Name: python-git
Purl: pkg:deb/debian/python-git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.36-1

Affected versions

3.*

3.1.30-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/gitpython-developers/gitpython

Affected ranges

Type: GIT
Repo: https://github.com/gitpython-developers/gitpython
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

74e55ee4544867e1bd976b7df5a45869ee397b0b

Fixed

e98f57b81f792f0f5e18d33ee658ae395f9aa3c4

Affected versions

0.*

0.1.4

0.1.4-pre

0.1.5

0.1.6

0.2.0-beta1

0.3.0-beta1

0.3.0-beta2

0.3.1-beta1

0.3.1-beta2

0.3.2

0.3.2-RC1

0.3.2.1

0.3.3

0.3.4

0.3.5

0.3.6

0.3.7

1.*

1.0.0

1.0.1

1.0.2

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

2.1.0

2.1.1

2.1.10

2.1.11

2.1.12

2.1.13

2.1.2

2.1.3

2.1.4

2.1.5

2.1.6

2.1.7

2.1.8

2.1.9

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.0.7

3.0.8

3.0.9

3.1.0

3.1.1

3.1.10

3.1.11

3.1.12

3.1.13

3.1.14

3.1.15

3.1.16

3.1.17

3.1.18

3.1.19

3.1.2

3.1.20

3.1.22

3.1.23

3.1.24

3.1.25

3.1.26

3.1.27

3.1.28

3.1.29

3.1.3

3.1.30

3.1.31

3.1.32

3.1.33

3.1.34

3.1.4

3.1.5

3.1.6

3.1.7

3.1.8

3.1.9

Other

winerr_show