{"url":"http://public2.vulnerablecode.io/api/packages/72395?format=json","purl":"pkg:pypi/gitpython@2.0.1","type":"pypi","namespace":"","name":"gitpython","version":"2.0.1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.1.41","latest_non_vulnerable_version":"3.1.41","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15809?format=json","vulnerability_id":"VCID-prtd-77t4-37er","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41040"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/gitpython-developers/GitPython/pull/1672","reference_id":"1672","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/pull/1672"},{"reference_url":"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37","reference_id":"3.1.37","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.37"},{"reference_url":"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b","reference_id":"74e55ee4544867e1bd976b7df5a45869ee397b0b","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/commit/74e55ee4544867e1bd976b7df5a45869ee397b0b"},{"reference_url":"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4","reference_id":"e98f57b81f792f0f5e18d33ee658ae395f9aa3c4","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/commit/e98f57b81f792f0f5e18d33ee658ae395f9aa3c4"},{"reference_url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c","reference_id":"GHSA-cwvm-v4w8-q58c","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html","reference_id":"msg00036.html","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00036.html"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml","reference_id":"PYSEC-2023-165.yaml","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2023-165.yaml"},{"reference_url":"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175","reference_id":"symbolic.py#L174-L175","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:04:46Z/"}],"url":"https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77899?format=json","purl":"pkg:pypi/gitpython@3.1.35","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vuj4-7vfk-9fhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@3.1.35"}],"aliases":["CVE-2023-41040","GHSA-cwvm-v4w8-q58c","PYSEC-2023-165"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prtd-77t4-37er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15800?format=json","vulnerability_id":"VCID-r172-bxav-a3ez","summary":"","references":[{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4","reference_id":"GHSA-wfm5-v35h-vwf4","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-02T14:04:30Z/"}],"url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-wfm5-v35h-vwf4"},{"reference_url":"https://docs.python.org/3/library/subprocess.html#popen-constructor","reference_id":"subprocess.html#popen-constructor","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-02T14:04:30Z/"}],"url":"https://docs.python.org/3/library/subprocess.html#popen-constructor"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77781?format=json","purl":"pkg:pypi/gitpython@3.1.33","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-prtd-77t4-37er"},{"vulnerability":"VCID-vuj4-7vfk-9fhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@3.1.33"}],"aliases":["CVE-2023-40590","GHSA-wfm5-v35h-vwf4","PYSEC-2023-161"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r172-bxav-a3ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15769?format=json","vulnerability_id":"VCID-v1x7-st14-rfc1","summary":"","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043503","reference_id":"1043503","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043503"},{"reference_url":"https://github.com/gitpython-developers/GitPython/pull/1609","reference_id":"1609","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-10T18:18:08Z/"}],"url":"https://github.com/gitpython-developers/GitPython/pull/1609"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/","reference_id":"AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-10T18:18:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH/"},{"reference_url":"https://github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd","reference_id":"ca965ecc81853bca7675261729143f54e5bf4cdd","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-10T18:18:08Z/"}],"url":"https://github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/","reference_id":"PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-10T18:18:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/77538?format=json","purl":"pkg:pypi/gitpython@3.1.32","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-prtd-77t4-37er"},{"vulnerability":"VCID-r172-bxav-a3ez"},{"vulnerability":"VCID-vuj4-7vfk-9fhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@3.1.32"}],"aliases":["CVE-2023-40267","GHSA-pr76-5cm5-w9cj","PYSEC-2023-137"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1x7-st14-rfc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62449?format=json","vulnerability_id":"VCID-vuj4-7vfk-9fhy","summary":"GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41.","references":[{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2024-4.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2024-4.yaml"},{"reference_url":"https://github.com/gitpython-developers/GitPython/pull/1792","reference_id":"1792","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-25T18:06:43Z/"}],"url":"https://github.com/gitpython-developers/GitPython/pull/1792"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-22190","reference_id":"CVE-2024-22190","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-22190"},{"reference_url":"https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f","reference_id":"ef3192cc414f2fd9978908454f6fd95243784c7f","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-25T18:06:43Z/"}],"url":"https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f"},{"reference_url":"https://github.com/advisories/GHSA-2mqj-m65w-jghx","reference_id":"GHSA-2mqj-m65w-jghx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2mqj-m65w-jghx"},{"reference_url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx","reference_id":"GHSA-2mqj-m65w-jghx","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-25T18:06:43Z/"}],"url":"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28354?format=json","purl":"pkg:pypi/gitpython@3.1.41","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@3.1.41"}],"aliases":["CVE-2024-22190","GHSA-2mqj-m65w-jghx","PYSEC-2024-4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vuj4-7vfk-9fhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11583?format=json","vulnerability_id":"VCID-z2pz-21y4-5khp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24439","reference_id":"","reference_type":"","scores":[{"value":"0.68859","scoring_system":"epss","scoring_elements":"0.98649","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24439"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249"},{"reference_url":"https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py#L1249","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py#L1249"},{"reference_url":"https://github.com/gitpython-developers/GitPython/commit/2625ed9fc074091c531c27ffcba7902771130261","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gitpython-developers/GitPython/commit/2625ed9fc074091c531c27ffcba7902771130261"},{"reference_url":"https://github.com/gitpython-developers/GitPython/issues/1515","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gitpython-developers/GitPython/issues/1515"},{"reference_url":"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.30","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/gitpython-developers/GitPython/releases/tag/3.1.30"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2022-42992.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/gitpython/PYSEC-2022-42992.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/"},{"reference_url":"https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858","reference_id":"","reference_type":"","scores":[],"url":"https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027163","reference_id":"1027163","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027163"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24439","reference_id":"CVE-2022-24439","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24439"},{"reference_url":"https://github.com/advisories/GHSA-hcpj-qp55-gfph","reference_id":"GHSA-hcpj-qp55-gfph","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hcpj-qp55-gfph"},{"reference_url":"https://security.gentoo.org/glsa/202311-01","reference_id":"GLSA-202311-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/28146?format=json","purl":"pkg:pypi/gitpython@3.1.30","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-prtd-77t4-37er"},{"vulnerability":"VCID-r172-bxav-a3ez"},{"vulnerability":"VCID-v1x7-st14-rfc1"},{"vulnerability":"VCID-vuj4-7vfk-9fhy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@3.1.30"}],"aliases":["CVE-2022-24439","GHSA-hcpj-qp55-gfph","PYSEC-2022-42992"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2pz-21y4-5khp"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/gitpython@2.0.1"}