UBUNTU-CVE-2023-41040

Source
https://ubuntu.com/security/CVE-2023-41040
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2023/UBUNTU-CVE-2023-41040.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2023-41040
Related
Published
2023-08-30T22:15:00Z
Modified
2024-10-15T14:11:43Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator
Summary
[none]
Details

GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed.

References

Affected packages

Ubuntu:Pro:14.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.3.2~RC1-2
0.3.2~RC1-3
0.3.2~RC1-3ubuntu0.1~esm1
0.3.2~RC1-3ubuntu0.1~esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.1+git137-gc8b8379-1
1.0.1+git137-gc8b8379-2
1.0.1+git137-gc8b8379-2.1
1.0.1+git137-gc8b8379-2.1ubuntu0.1~esm1
1.0.1+git137-gc8b8379-2.1ubuntu0.1~esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.5-1
2.1.6-1
2.1.7-1
2.1.8-1
2.1.8-1ubuntu0.1~esm1
2.1.8-1ubuntu0.1~esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.11-1

3.*

3.0.4-1
3.0.5-1
3.0.7-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.14-1
3.1.23-1
3.1.24-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.37-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / python-git

Package

Name
python-git
Purl
pkg:deb/ubuntu/python-git?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.30-1
3.1.37-1
3.1.37-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}