All 8 CVE vulnerabilities found in GitPython, with AI-generated Chinese analysis, references, and POCs.
Vendor: n/a
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-44243 | GitPython: Path traversal in GitPython reference APIs allows arbitrary file write and delete outside the repository | CWE-22 | - | - | 2026-05-07 |
| CVE-2026-44244 | GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath | CWE-94 | 7.8 | High | 2026-05-07 |
| CVE-2026-42284 | GitPython: Unsafe option check validates multi_options before shlex.split transforms it | CWE-88 | 8.1 | High | 2026-05-07 |
| CVE-2026-42215 | GitPython: Command injection via Git options bypass | CWE-78 | 8.8 | High | 2026-05-07 |
| CVE-2024-22190 | Untrusted search path under some conditions on Windows allows arbitrary code execution | CWE-426 | 7.8 | High | 2024-01-11 |
| CVE-2023-41040 | GitPython blind local file inclusion | CWE-22 | 4.0 | Medium | 2023-08-30 |
| CVE-2023-40590 | Untrusted search path on Windows systems leading to arbitrary code execution | CWE-426 | 7.8 | High | 2023-08-28 |
| CVE-2022-24439 | Remote Code Execution (RCE) | - | 8.1 | High | 2022-12-12 |