📦 Gitpython

GitPython before version 3.1.32 contains an incomplete fix for CVE-2022-24439, allowing insecure non-multi options in clone and clone_from operations. This vulnerability could allow attackers to execu...

GitPython versions before 3.1.41 on Windows are vulnerable to untrusted search path attacks when using shell execution for git commands or bash.exe for hooks. This allows attackers to execute maliciou...

GitPython on Windows systems can execute malicious git binaries from the current working directory instead of the system PATH, allowing arbitrary command execution. This affects Windows users who run ...