Daethyra / OpenDTS

Open Domestic Threat Scanner - LLM Threat-Intelligence

CVE-2023-40590 | NO solution #102

Closed Daethyra closed 1 year ago

Daethyra commented 1 year ago

At the time of writing, there is no direct solution, and specific steps are required to avoid exploitation in the wild.

Impact

An attacker can trick a user into downloading a repository with a malicious git executable; if the user runs/imports GitPython from that directory, it allows the attacker to run arbitrary commands.

Possible solutions

- Default to an absolute path for the git program on Windows, like `C:\Program Files\Git\cmd\git.EXE` (default git path installation).
- Require users to set the `GIT_PYTHON_GIT_EXECUTABLE` environment variable on Windows systems.
- Make this problem prominent in the documentation and advise users to never run GitPython from an untrusted repo, or set the `GIT_PYTHON_GIT_EXECUTABLE` env var to an absolute path.
- Resolve the executable manually by only looking into the PATH environment variable (suggested by @Byron).
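The two mitigations listed above (resolve git from PATH directories only, never the current working directory, and pin the result into `GIT_PYTHON_GIT_EXECUTABLE` as an absolute path), worked through as an added example; this is not GitPython's own code and not part of the issue. It assumes GitPython reads `GIT_PYTHON_GIT_EXECUTABLE` when the `git` module is imported (or when `git.refresh()` is called), and the function names `resolve_from_path_only`, `pin_git_executable` and `demo_cwd_is_not_searched` are hypothetical.

```python
import os
import sys
import tempfile
from pathlib import Path
from typing import Optional

# On Windows PATHEXT decides the file names to try (git.exe, git.cmd, ...); elsewhere just "git".
GIT_NAMES = ["git"] if os.name != "nt" else [
    "git" + e.lower() for e in os.environ.get("PATHEXT", ".COM;.EXE;.BAT;.CMD").split(os.pathsep) if e]

def resolve_from_path_only(path_env: Optional[str] = None) -> Optional[str]:
    """Absolute path to git found in PATH directories only; empty, '.' and relative
    entries are skipped because they resolve to the current (possibly untrusted) directory."""
    raw = os.environ.get("PATH", "") if path_env is None else path_env
    for entry in raw.split(os.pathsep):
        entry = entry.strip().strip('"')
        if not entry or not os.path.isabs(entry):
            continue  # never let the CWD into the search, unlike a bare `git` lookup on Windows
        for name in GIT_NAMES:
            candidate = Path(entry) / name
            if candidate.is_file() and os.access(candidate, os.X_OK):
                return str(candidate.resolve())
    return None

def pin_git_executable() -> str:
    """Set GIT_PYTHON_GIT_EXECUTABLE (hypothetical helper); call before `import git`. Fails closed."""
    found = resolve_from_path_only()
    if found is None:
        raise RuntimeError("git not found in PATH; refusing to fall back to a CWD lookup")
    os.environ["GIT_PYTHON_GIT_EXECUTABLE"] = found
    return found

def demo_cwd_is_not_searched() -> dict:
    """Constructed scenario: a cloned repo plants its own `git`; the real one sits in a bin dir on PATH."""
    root = Path(tempfile.mkdtemp(prefix="cve-2023-40590-demo-"))
    repo, trusted_bin = root / "untrusted-repo", root / "trusted-bin"
    for d in (repo, trusted_bin): d.mkdir()
    planted, trusted = repo / GIT_NAMES[0], trusted_bin / GIT_NAMES[0]
    for p in (planted, trusted):
        p.write_text("#!/bin/sh\nexit 0\n")  # inert stand-ins, never executed
        p.chmod(0o755)
    old_cwd = os.getcwd()
    os.chdir(repo)  # the situation the issue describes: GitPython used from inside the repo
    try:
        resolved = resolve_from_path_only(path_env=os.pathsep.join(["", ".", str(trusted_bin)]))
    finally:
        os.chdir(old_cwd)
    return {"planted": str(planted.resolve()), "trusted": str(trusted.resolve()), "resolved": resolved}
```

The demo deliberately puts an empty entry and `.` ahead of the trusted directory in PATH to show that both are ignored even while the process is sitting inside the untrusted repository.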