| CVE-2026-42284 | critical | 9.8 | 9.8 | | | | 27d ago | GitPython: Unsafe option check validates multi_options before shlex.split transformation |
| CVE-2026-42215 | high | 8.8 | 8.8 | | | | 27d ago | GitPython has Command Injection via Git options bypass |
| CVE-2023-40267 | high | — | 8.0 | | | | 3y ago | GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439. |
| CVE-2026-44244 | high | 7.8 | 7.8 | | | | 27d ago | GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath |
| CVE-2026-44243 | high | 7.1 | 7.1 | | | | 28d ago | GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository |
| CVE-2024-22190 | unknown | — | — | | | | 2y ago | GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git… |
| CVE-2023-41040 | unknown | — | — | | | | 3y ago | GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file be… |
| CVE-2023-40590 | unknown | — | — | | | | 3y ago | GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython … |
| CVE-2022-24439 | unknown | — | — | | | | 4y ago | All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clon… |