PT-2023-4955 · Gitpython+4
Stsewd · Published 2023-08-30 · Updated 2026-05-26 · CVE-2023-41040
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: GitPython versions prior to 3.1.37
Description: The issue stems from GitPython's handling of file paths when resolving git references. In some cases the library reads files from the .git directory based on user-provided input without checking whether the resulting path lies outside the intended directory. This allows an attacker to make GitPython read any file on the system, potentially leading to a denial of service. The vulnerability is in the symbolic.py file and is caused by code that joins the base directory with a user-supplied string without validating the final path.
Recommendations: For versions prior to 3.1.37, update to version 3.1.37 or later to resolve the issue. As a temporary workaround, consider restricting access to the symbolic.py module or the affected API endpoints to minimize the risk of exploitation. Do not use user-provided input in file paths without proper validation and sanitization.
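The unchecked join described above, as an added illustration that is not GitPython's own code: a constructed `unsafe_ref_path` mirrors the flawed pattern (join the base directory with a user-supplied ref and return it), and a constructed `safe_ref_path` resolves the joined path and rejects anything that lands outside the .git directory; `demo` exercises both in a temporary directory.

```python
import os
import tempfile


def unsafe_ref_path(git_dir: str, ref: str) -> str:
    """Flawed pattern: join base dir with user input, never check where it ends up."""
    return os.path.join(git_dir, ref)


def safe_ref_path(git_dir: str, ref: str) -> str:
    """Hardened variant: canonicalise both sides (follows symlinks, collapses '..')
    and require the candidate to stay under git_dir. Also rejects absolute refs,
    which os.path.join would otherwise let replace the base directory entirely."""
    base = os.path.realpath(git_dir)
    candidate = os.path.realpath(os.path.join(base, ref))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"ref {ref!r} resolves outside the .git directory")
    return candidate


def demo() -> dict:
    """Constructed check: a repo layout plus one file outside .git."""
    with tempfile.TemporaryDirectory() as tmp:
        git_dir = os.path.join(tmp, "repo", ".git")
        os.makedirs(os.path.join(git_dir, "refs", "heads"))
        outside = os.path.join(tmp, "outside.txt")
        with open(outside, "w") as fh:
            fh.write("not a git ref\n")

        # Constructed traversal input: two levels up from .git lands in tmp.
        traversal = os.path.join("..", "..", "outside.txt")

        unsafe = unsafe_ref_path(git_dir, traversal)
        unsafe_reads_outside = os.path.realpath(unsafe) == os.path.realpath(outside)

        try:
            safe_ref_path(git_dir, traversal)
            safe_rejected = False
        except ValueError:
            safe_rejected = True

        # A normal ref name must still resolve inside the .git directory.
        normal = safe_ref_path(git_dir, os.path.join("refs", "heads", "main"))
        normal_ok = normal.startswith(os.path.realpath(git_dir) + os.sep)

    return {
        "unsafe_reads_outside": unsafe_reads_outside,
        "safe_rejected": safe_rejected,
        "normal_ok": normal_ok,
    }
```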

Exploit · Fix · DoS · Path traversal

Related Identifiers

ALT-PU-2023-6832
ALT-PU-2023-8078
BDU:2023-05476
CVE-2023-41040
DLA-3589-1
DLA-3939-1
GHSA-CWVM-V4W8-Q58C
OESA-2023-1628
OPENSUSE-SU-2023:0259-1
OPENSUSE-SU-2023:0271-1
OPENSUSE-SU-2024:13207-1
PYSEC-2023-165
RHSA-2023:7851
RHSA-2024:0190
RHSA-2024:0215
RHSA-2024:0322
RHSA-2024:1640
USN-8303-1

Affected Products

Alt Linux
Astra Linux
Gitpython
Linuxmint
Red Os