VulnerableCode Package Details - pkg:deb/debian/python-git@0?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/python-git@0?distro=trixie

Essentials
History (2)

purl	pkg:deb/debian/python-git@0?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-r172-bxav-a3ez		CVE-2023-40590 GHSA-wfm5-v35h-vwf4 PYSEC-2023-161
VCID-vuj4-7vfk-9fhy	GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41.	CVE-2024-22190 GHSA-2mqj-m65w-jghx PYSEC-2024-4

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-11T21:14:55.888389+00:00	Debian Importer	Fixing	VCID-vuj4-7vfk-9fhy	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-06-11T21:14:55.800881+00:00	Debian Importer	Fixing	VCID-r172-bxav-a3ez	https://security-tracker.debian.org/tracker/data/json	38.6.0