Makkkiiii

1 exploit Active since Dec 2022
CVE-2022-24439 NOMISEC HIGH STUB
GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments.
1 stars
CVSS 8.1