pkg:PyPI/gitpython

14 total CVEs: CRITICAL 2, HIGH 10, MEDIUM 2

All known vulnerabilities

  • CRITICAL 9.8 · CVE-2023-40267 · GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
    from 0, < 3.1.32
  • CRITICAL 9.8 · CVE-2023-40267 · GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments
    from 0, < ca965ecc81853bca7675261729143f54e5bf4cdd | from 0, < 3.1.32
  • HIGH 8.8 · CVE-2026-42215 · GitPython has Command Injection via Git options bypass
    >= 3.1.30, < 3.1.47
  • HIGH 8.1 · CVE-2026-42284 · GitPython: Unsafe option check validates multi_options before shlex.split transformation
    from 0, < 3.1.47
  • HIGH 8.1 · CVE-2022-24439 · python-git - security update
    from 0, < 3.1.30
  • HIGH 8.1 · CVE-2022-24439 · python-git - security update
    from 0, < 3.1.30
  • HIGH 7.8 · CVE-2026-44244 · GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath
    from 0, < 3.1.49
  • HIGH 7.8 · CVE-2024-22190 · Untrusted search path under some conditions on Windows allows arbitrary code execution
    from 0, < 3.1.41
  • HIGH 7.8 · CVE-2024-22190 · Untrusted search path under some conditions on Windows allows arbitrary code execution
    from 0, < ef3192cc414f2fd9978908454f6fd95243784c7f | from 0, < 3.1.41
  • HIGH 7.8 · CVE-2023-40590 · GitPython untrusted search path on Windows systems leading to arbitrary code execution
    from 0, < 3.1.33
  • HIGH 7.8 · CVE-2023-40590 · GitPython untrusted search path on Windows systems leading to arbitrary code execution
    from 0, < 3.1.33
  • HIGH 7.1 · CVE-2026-44243 · GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository
    from 0, < 3.1.48
  • MEDIUM 4.0 · CVE-2023-41040 · python-git - security update
    from 0, < 3.1.37
  • MEDIUM 4.0 · CVE-2023-41040 · python-git - security update
    from 0, < 3.1.35