{"uuid": "4403f19f-7828-48a0-ab90-a0fb86d4b353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22190", "type": "seen", "source": "https://t.me/arpsyndicate/2920", "content": "#ExploitObserverAlert\n\nCVE-2024-22190\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2024-22190. GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-19T10:29:47.000000Z"}