Описание
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
Ссылки
- Patch
- Issue TrackingPatch
- Patch
- Issue TrackingPatch
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
GitPython before 3.1.32 does not block insecure non-multi options in c ...
GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
Уязвимость компонентов clone/clone_from библиотеки Python для взаимодействия с git-репозиториями GitPython, позволяющая нарушителю выполнить произвольный код
EPSS
9.8 Critical
CVSS3