Description
Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accepted tree entries whose filenames contained bytes that Windows interprets as structural path syntax. Contributing configuration bugs made matters worse. The core.protectNTFS and core.protectHFS settings were looked up under a wrong option name and so user-set values were silently ignored, and core.protectNTFS only defaulted to true on Windows (Git upstream has defaulted it to true everywhere since CVE-2019-1353). Both have been corrected. Anyone who clones, fetches, or checks out an untrusted repository with Dulwich on Windows - either through the Dulwich CLI, porcelain.clone, or any downstream tool built on Dulwich - is impacted. POSIX clones are not directly exploitable (on POSIX \ is a literal filename byte), but a POSIX user can unknowingly propagate a malicious tree to Windows consumers via push or re-publication. This issue is fixed in Dulwich 1.2.5. Users should upgrade to 1.2.5 or later. There is no effective pre-patch workaround. On affected versions the core.protectNTFS configuration key was silently ignored, so setting it to true does not mitigate the issue. Users who cannot upgrade should avoid cloning, fetching, or checking out untrusted repositories with Dulwich on Windows. After upgrading the NTFS validator is on by default on every platform, so no additional configuration is required.
Published: 2026-06-10
Score: 8.8 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability lets an attacker who can get a victim to clone, fetch, or check out a malicious Git repository perform an arbitrary file write on Windows. Dulwich's path-element validator accepted tree entries whose filenames contain bytes that Windows interprets as path syntax (for example the backslash, which POSIX treats as an ordinary filename byte), so checkout could write files at attacker-chosen locations rather than inside the intended working tree. A write at a location the user's tooling later executes turns this into remote code execution on the affected machine, which is how the advisory rates it. The weakness is path traversal (CWE-22). It needs no privileges beyond those of the user running Dulwich, but it does require that user to interact with the malicious repository (CVSS PR:N, UI:R).
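
The validator described above, as an added example for this page rather than Dulwich's own code: a path-element check modelled on Git upstream's core.protectNTFS behaviour, run over a constructed tree listing, beside the two configuration mistakes the advisory names (value read under a wrong key, default true only on Windows). The flat config mapping, the hypothetical "wrong key" in the buggy reader, and the function names are assumptions of the example; the colon and trailing dot/space rules come from Git's NTFS protection in general, not from the Dulwich advisory.

```python
"""Added example (not Dulwich's code): Git-style protectNTFS path checks."""
import re
from typing import Iterable, Mapping

# ".git" with the trailing dots/spaces NTFS strips, and the 8.3 short name
# Windows may assign to a .git directory (GIT~1). Modelled on Git upstream's
# is_ntfs_dotgit(); matching is case-insensitive, like NTFS itself.
_NTFS_DOTGIT = re.compile(r"^(?:\.git[. ]*|git~1)$", re.IGNORECASE)


def is_hostile_path_element(name: bytes, protect_ntfs: bool = True) -> bool:
    """True if a single tree-entry filename must never be created on disk.

    Operates on the raw bytes Git stores, so the verdict is the same on
    POSIX and Windows: that is what lets a POSIX host refuse to check out
    (or re-publish) a tree that is only dangerous for Windows consumers.
    """
    # Checks every Git implementation makes on every platform.
    if name in (b"", b".", b"..") or b"/" in name or b"\x00" in name:
        return True
    if name.lower() == b".git":
        return True
    if not protect_ntfs:
        return False
    # Bytes Windows reads as path syntax; on POSIX they are ordinary filename bytes.
    if b"\\" in name:                 # directory separator: escapes the checkout dir
        return True
    if b":" in name:                  # drive letter or NTFS alternate data stream
        return True
    if name.endswith((b" ", b".")):   # NTFS strips these, so "hooks." aliases "hooks"
        return True
    return bool(_NTFS_DOTGIT.match(name.decode("utf-8", "surrogateescape")))


def validate_tree_path(path: bytes, protect_ntfs: bool = True) -> None:
    """Raise ValueError if any element of a slash-separated tree path is hostile."""
    for element in path.split(b"/"):
        if is_hostile_path_element(element, protect_ntfs):
            raise ValueError(f"refusing unsafe path element {element!r} in {path!r}")


def protect_ntfs_enabled(config: Mapping[str, str]) -> bool:
    """Corrected lookup. `config` is a flat {'section.key': value} mapping with
    keys already lower-cased (a stand-in for a real git-config reader, assumed
    by this example). Unset means True on every platform, as in Git upstream
    since CVE-2019-1353."""
    value = config.get("core.protectntfs")
    if value is None:
        return True
    return value.strip().lower() in {"1", "true", "yes", "on"}


def buggy_protect_ntfs_enabled(config: Mapping[str, str], on_windows: bool) -> bool:
    """Shape of the pre-1.2.5 mistakes the advisory describes, reconstructed for
    contrast (the wrong key below is hypothetical, not Dulwich's actual source):
    the value is read under a name nobody sets, so the user's setting is
    silently ignored, and the fallback depends on the platform."""
    value = config.get("core.protectntfs-wrongname")   # hypothetical wrong key
    if value is None:
        return on_windows
    return value.strip().lower() == "true"


def rejected_paths(tree_paths: Iterable[bytes], config: Mapping[str, str]) -> list[bytes]:
    """Return the tree paths a checkout should refuse under the given config."""
    protect = protect_ntfs_enabled(config)
    bad = []
    for path in tree_paths:
        try:
            validate_tree_path(path, protect)
        except ValueError:
            bad.append(path)
    return bad


# Constructed tree listing for demonstration; not taken from any real repository.
SAMPLE_TREE = [
    b"README.md",
    b"src/main.py",
    b"..\\..\\.git\\hooks\\post-checkout",  # one entry name; Windows walks the backslashes
    b"notes.txt:hidden",                    # alternate data stream on notes.txt
    b".GIT/config",                         # .git in a different case
    b"GIT~1/hooks/pre-commit",              # 8.3 alias of .git
    b"docs./index.html",                    # trailing dot collapses to "docs"
]

if __name__ == "__main__":
    for path in rejected_paths(SAMPLE_TREE, {}):
        print("rejected:", path)
    user_setting = {"core.protectntfs": "true"}
    print("fixed reader honours setting on POSIX:", protect_ntfs_enabled(user_setting))
    print("buggy reader honours setting on POSIX:",
          buggy_protect_ntfs_enabled(user_setting, on_windows=False))
```

With the default (empty) config every entry after the first two is refused on any platform; with core.protectNTFS explicitly set to false only the case-insensitive .git entry is still caught, which is why a Windows clone on an affected version had no defence once the setting was effectively off. The buggy reader returns False for a POSIX user who set the option to true, reproducing the "silently ignored" behaviour the advisory describes.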

Affected Systems

The issue affects Dulwich from version 0.10.0 up to and including 1.2.4. The project is jelmer/dulwich, a pure-Python implementation of the Git file formats and protocols used by Python applications and downstream tools. Upgrading to Dulwich 1.2.5 or later removes the vulnerability: the NTFS validator is enabled by default on every platform in that and later releases, so no configuration change is needed after the upgrade.

Risk and Exploitability

The CVSS score of 8.8 signals high severity, and the vulnerability is triggered on Windows whenever a user clones, fetches, or checks out a malicious repository through any Dulwich-based tool. Although no EPSS score is available, there is no effective pre-patch workaround and delivery needs only that the victim interact with an attacker-controlled repository, so exploitation requires no special privileges (vector AV:N/AC:L/PR:N/UI:R). Absence from CISA KEV means no in-the-wild exploitation has been confirmed, not that none is occurring; the high CVSS score combined with how easily a malicious repository can be delivered warrants prompt action.

Generated by OpenCVE AI on June 10, 2026 at 23:24 UTC.

Remediation

Vendor fix: Dulwich 1.2.5 and later. No effective pre-patch workaround exists; on affected versions the core.protectNTFS configuration key was read under a wrong option name, so setting it to true does not mitigate the issue.

OpenCVE Recommended Actions

  • Upgrade Dulwich to version 1.2.5 or later; the fix enables NTFS path validation by default on every platform.
  • If an upgrade is not possible, do not clone, fetch, or check out untrusted repositories with Dulwich on Windows machines; restrict such operations to trusted sources.
  • Consider removing or disabling Dulwich, and tools built on it, on critical Windows systems until the upgrade can be applied, so the vulnerable code path cannot be reached.

Advisories
Source        ID                    Title
GitHub GHSA   GHSA-897w-fcg9-f6xj   Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows
History

Wed, 10 Jun 2026 22:30:00 +0000

Type          Values removed   Values added
Description   -                (the advisory text reproduced in the Description section above)
Title         -                Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows
Weaknesses    -                CWE-22
References    -                (none listed)
Metrics       -                cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-10T21:55:30.942Z

Reserved: 2026-04-26T12:13:55.553Z

Link: CVE-2026-42305

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-10T23:16:46.113

Modified: 2026-06-10T23:16:46.113

Link: CVE-2026-42305

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-10T23:30:44Z

Weaknesses