GitPython Unsafe Option Handling in Clone Operations Vulnerability

Vulnerability

A vulnerability exists in GitPython versions prior to 3.1.47, in the '_clone()' method. Each entry of 'multi_options' is checked for unsafe Git options as a whole string, but the entries are later tokenized with 'shlex.split' before being passed to Git. The check therefore sees one string per entry while Git receives one argument per token, so an entry that looks like a single safe option can pass the check and still expand into several arguments, including ones the check is meant to block. An attacker who controls a 'multi_options' value can use this to inject Git configuration options, which take effect during the clone and can cause Git to run attacker-chosen hooks. The issue has been addressed in GitPython version 3.1.47.

Impact

Exploitation of this vulnerability allows arbitrary code execution on the host performing the clone: the injected configuration can make Git run attacker-controlled hooks. The impact is the same as that of CVE-2023-40267, an earlier option-injection issue in GitPython's clone handling.

Reproduction

The vulnerability can be reproduced by calling 'Repo.clone_from' with a 'multi_options' list containing an entry that passes the per-entry check but, once 'shlex.split' is applied, yields additional tokens carrying Git configuration options. The precondition is that the attacker controls, or can influence, the strings passed in 'multi_options'; an application that only ever passes hard-coded options is not exposed. After the clone operation completes, the hooks enabled by the injected configuration execute, demonstrating the injection.
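The validate-then-tokenize flaw described in the Vulnerability section, and the reproduction it enables, as an added example that is not GitPython's code: an illustrative check of the same shape, next to its tokenize-first fix and a stricter allow-list variant. The option lists, function names and payload strings are assumptions constructed for the demonstration, and the code only shows which argv tokens would reach git; it does not invoke git.

```python
"""Option injection via validate-then-tokenize, with two fixed checks.

Added example, not GitPython's code. The option lists, function names and
the payload strings below are constructed for this demonstration.
"""
import shlex
from typing import Callable, Iterable, List, Set


class UnsafeOptionError(ValueError):
    """Raised when a clone option could make Git run attacker-chosen code."""


# Deny-list of clone options that let the caller reconfigure Git or pick the
# program Git executes. Assumed for the example.
UNSAFE_CLONE_OPTIONS: List[str] = ["--upload-pack", "-u", "--config", "-c"]

# Allow-list an application might accept from callers. Assumed for the example.
ALLOWED_CLONE_OPTIONS: Set[str] = {"--depth", "--branch", "-b", "--single-branch"}


def check_flawed(multi_options: Iterable[str]) -> List[str]:
    """Vulnerable pattern: check each raw entry, then tokenize.

    The check sees one string per entry; Git receives one argv token per
    shlex token, so an entry can pass here and still expand into a blocked option.
    """
    entries = list(multi_options)
    for entry in entries:
        for unsafe in UNSAFE_CLONE_OPTIONS:
            if entry.startswith(unsafe):
                raise UnsafeOptionError(f"unsafe option: {entry!r}")
    return shlex.split(" ".join(entries))


def _is_unsafe_token(token: str) -> bool:
    """True if one argv token is a blocked option in any of its spellings:
    '--config', '--config=k=v', '-c', or the attached short form '-ck=v'."""
    for unsafe in UNSAFE_CLONE_OPTIONS:
        if token == unsafe:
            return True
        if unsafe.startswith("--") and token.startswith(unsafe + "="):
            return True
        if not unsafe.startswith("--") and token.startswith(unsafe):
            return True
    return False


def check_tokenized(multi_options: Iterable[str]) -> List[str]:
    """Fixed pattern: tokenize first, then check every token Git will see."""
    argv = shlex.split(" ".join(multi_options))
    for token in argv:
        if _is_unsafe_token(token):
            raise UnsafeOptionError(f"unsafe option token: {token!r}")
    return argv


def check_allowlisted(multi_options: Iterable[str]) -> List[str]:
    """Stricter fix: tokenize, then accept only known option names.

    Git accepts unambiguous abbreviations of long options, so a deny-list can
    miss spellings such as '--conf'; an allow-list of exact names does not.
    """
    argv = shlex.split(" ".join(multi_options))
    for token in argv:
        if token.startswith("-") and token.split("=", 1)[0] not in ALLOWED_CLONE_OPTIONS:
            raise UnsafeOptionError(f"option not allowed: {token!r}")
    return argv


def is_rejected(check: Callable[[Iterable[str]], List[str]], multi_options: Iterable[str]) -> bool:
    """True if the given check refuses the options (used by the demo and tests)."""
    try:
        check(multi_options)
    except UnsafeOptionError:
        return True
    return False


# Constructed payload: the entry starts with a harmless option, so a
# startswith() check on the whole string passes, but shlex.split turns it into
# three tokens, two of which point Git's hooks at an attacker-chosen directory.
INJECTED = ["--depth=1 --config core.hooksPath=/tmp/evil-hooks"]
# Same injection using the attached short form plus shell quoting.
INJECTED_SHORT = ["--depth=1 '-ccore.hooksPath=/tmp/evil-hooks'"]
# Same injection using git's abbreviated long-option spelling.
INJECTED_ABBREV = ["--depth=1 --conf core.hooksPath=/tmp/evil-hooks"]
BENIGN = ["--depth=1", "--branch main"]

if __name__ == "__main__":
    print("flawed check passes injected payload:", not is_rejected(check_flawed, INJECTED))
    print("tokens Git would receive:", check_flawed(INJECTED))
    print("tokenized check rejects it:", is_rejected(check_tokenized, INJECTED))
    print("tokenized check misses abbreviation:", not is_rejected(check_tokenized, INJECTED_ABBREV))
    print("allow-list rejects abbreviation:", is_rejected(check_allowlisted, INJECTED_ABBREV))
    print("allow-list keeps benign options:", check_allowlisted(BENIGN))
```

Running the script shows the flawed check letting '--config' through as a separate token while the tokenized check stops it. The allow-list variant is included because a deny-list keyed on option names is still weaker than it looks: git accepts unambiguous abbreviations of long options, so '--conf' reaches git as a configuration option even though the tokenized deny-list check does not recognise it.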

Remediation

Users should upgrade to GitPython version 3.1.47 or later. Independently of the library version, applications that build 'multi_options' (or other clone arguments) from untrusted or user-controlled input should validate those values against an allow-list of expected options on their own side, so that the library-side check is not the only barrier between an attacker and the Git command line.

Added: May 7, 2026, 7:37 PM
Updated: May 7, 2026, 7:37 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 7.5
exploitability: 6.0
remediation: 7.7
relevance: 7.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.