{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-24439", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "dateUpdated": "2024-09-16T23:11:20.568Z", "dateReserved": "2022-02-24T00:00:00", "datePublished": "2022-12-12T01:49:10.008967Z"}, "containers": {"cna": {"title": "Remote Code Execution (RCE)", "datePublic": "2022-12-06T00:00:00", "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2023-11-01T13:06:09.960530"}, "descriptions": [{"lang": "en", "value": "All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments."}], "affected": [{"vendor": "n/a", "product": "GitPython", "versions": [{"version": "0", "status": "affected", "lessThan": "unspecified", "versionType": "custom"}]}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858"}, {"url": "https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249"}, {"name": "FEDORA-2022-8146a727a8", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN/"}, {"name": "FEDORA-2022-ce7369b9ec", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/"}, {"name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3502-1] python-git security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html"}, {"name": "FEDORA-2023-1ec4e542f9", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/"}, {"name": "FEDORA-2023-26116901d9", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/"}, {"name": "GLSA-202311-01", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202311-01"}], "credits": [{"lang": "en", "value": "Sam Wheating"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Remote Code Execution (RCE)"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:13:56.116Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858", "tags": ["x_transferred"]}, {"url": "https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249", "tags": ["x_transferred"]}, {"name": "FEDORA-2022-8146a727a8", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN/"}, {"name": "FEDORA-2022-ce7369b9ec", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/"}, {"name": "[debian-lts-announce] 20230725 [SECURITY] [DLA 3502-1] python-git security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html"}, {"name": "FEDORA-2023-1ec4e542f9", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/"}, {"name": "FEDORA-2023-26116901d9", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/"}, {"name": "GLSA-202311-01", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202311-01"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*", "matchCriteriaId": "449620FB-DFA3-4ECB-9C7E-817011E15449", "versionEndExcluding": "3.1.30", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments."}, {"lang": "es", "value": "Todas las versiones del paquete gitpython son vulnerables a la ejecuci\u00f3n remota de c\u00f3digo (RCE) debido a una validaci\u00f3n incorrecta de la entrada del usuario, lo que hace posible inyectar una URL remota creada con fines malintencionados en el comando de clonaci\u00f3n. Es posible explotar esta vulnerabilidad porque la librer\u00eda realiza llamadas externas a git sin una sanitizaci\u00f3n suficiente de los argumentos de entrada."}], "id": "CVE-2022-24439", "lastModified": "2024-01-09T03:21:50.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "report@snyk.io", "type": "Secondary"}]}, "published": "2022-12-06T05:15:11.420", "references": [{"source": "report@snyk.io", "tags": ["Broken Link"], "url": "https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249"}, {"source": "report@snyk.io", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html"}, {"source": "report@snyk.io", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/"}, {"source": "report@snyk.io", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN/"}, {"source": "report@snyk.io", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/"}, {"source": "report@snyk.io", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202311-01"}, {"source": "report@snyk.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Upstream acknowledges Sam Wheating as the original reporter.", "affected_release": [{"advisory": "RHSA-2023:5931", "cpe": "cpe:/a:redhat:satellite:6.13::el8", "package": "python-gitpython-0:3.1.32-1.el8pc", "product_name": "Red Hat Satellite 6.13 for RHEL 8", "release_date": "2023-10-19T00:00:00Z"}, {"advisory": "RHSA-2023:5931", "cpe": "cpe:/a:redhat:satellite_capsule:6.13::el8", "package": "python-gitpython-0:3.1.32-1.el8pc", "product_name": "Red Hat Satellite 6.13 for RHEL 8", "release_date": "2023-10-19T00:00:00Z"}], "bugzilla": {"description": "GitPython: improper user input validation leads into a RCE", "id": "2151583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151583"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-94", "details": ["All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.", "A remote code execution vulnerability exists in Git-python. By injecting a malicious URL into the clone command, an attacker can exploit this vulnerability as the library makes external calls to git without any input sanitization. This issue leads to complete system compromise."], "name": "CVE-2022-24439", "package_state": [{"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "python-gitpython", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Affected", "package_name": "GitPython", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Affected", "package_name": "GitPython", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Affected", "package_name": "GitPython", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Affected", "impact": "low", "package_name": "GitPython", "product_name": "Red Hat OpenStack Platform 17.0"}], "public_date": "2022-12-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-24439\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-24439\nhttps://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858"], "statement": "Across all supported releases of Red Hat OpenStack Platform the usage of a compromised GitPython API (clone_from()) is quite limited. The only people capable of exploiting this vulnerability are system administrators. For this reason, the impact has been downgraded to medium.\nThe impact to Red Hat OpenStack Platform 17 is rated Low as the compromised function is not in use.", "threat_severity": "Moderate"}