CVE-2026-47712: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in jelmer dulwich
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.format_patch(outdir=...) derives each patch filename from the commit's subject line. Prior to this fix, get_summary only replaced spaces with dashes - path separators (/, \), parent-directory components (..), and other filename-hostile characters (e.g. :) were preserved verbatim and passed straight into os.path.join(outdir, f"{i:04d}-{summary}.patch"). A malicious commit subject could therefore direct the generated patch file outside the requested outdir. This is fixed in Dulwich 1.2.5. Users should upgrade to 1.2.5 or later. dulwich.patch.get_summary now mirrors git's format_sanitized_subject: only `[A-Za-z0-9._]` are kept, runs of other characters collapse to a single -, consecutive . collapse to a single ., trailing ./- are stripped, and the result is length-limited. This makes the returned string safe to embed as a filename component, so format_patch can no longer be steered out of outdir via the commit subject. Until upgrading, callers that pass untrusted commits to porcelain.format_patch can use stdout=True and write the patch to a destination they control, rather than letting format_patch choose the filename; validate the chosen path before opening - e.g. compare os.path.realpath(returned_path) against os.path.realpath(outdir) and reject any patch whose resolved path is not inside outdir; and/or pre-screen commits and refuse to format any whose subject's first line contains /, \, .., or other characters that are not safe on the target filesystem.
AI Analysis
Technical Summary
The vulnerability in Dulwich's porcelain.format_patch function arises because patch filenames are derived from commit subject lines without adequately sanitizing path separators, parent-directory components, or other unsafe filename characters. This allows a crafted commit subject to cause patch files to be written outside the specified output directory (path traversal). The flaw affects versions >=0.24.0 and <1.2.5. The fix in 1.2.5 updates dulwich.patch.get_summary to sanitize commit subjects similarly to git's format_sanitized_subject, restricting characters to alphanumerics, dots, and underscores, collapsing runs of unsafe characters, and stripping trailing unsafe characters, thus preventing directory escape via patch filenames.
Potential Impact
An attacker who can supply commit subjects to dulwich.porcelain.format_patch could cause patch files to be written outside the intended directory, potentially overwriting arbitrary files if the environment permits. The CVSS score is low (3.3) with no confidentiality or availability impact, only limited integrity impact. There are no known exploits in the wild.
Mitigation Recommendations
Users should upgrade to Dulwich version 1.2.5 or later where this vulnerability is fixed. Until upgrading, callers processing untrusted commits should use the stdout=True option to avoid automatic filename generation, validate resolved patch file paths to ensure they remain within the intended directory, and/or pre-screen commit subjects to reject those containing unsafe characters such as /, \, or .. in the first line. These mitigations reduce the risk of path traversal until an official fix is applied.
CVE-2026-47712: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in jelmer dulwich
Description
Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.format_patch(outdir=...) derives each patch filename from the commit's subject line. Prior to this fix, get_summary only replaced spaces with dashes - path separators (/, \), parent-directory components (..), and other filename-hostile characters (e.g. :) were preserved verbatim and passed straight into os.path.join(outdir, f"{i:04d}-{summary}.patch"). A malicious commit subject could therefore direct the generated patch file outside the requested outdir. This is fixed in Dulwich 1.2.5. Users should upgrade to 1.2.5 or later. dulwich.patch.get_summary now mirrors git's format_sanitized_subject: only `[A-Za-z0-9._]` are kept, runs of other characters collapse to a single -, consecutive . collapse to a single ., trailing ./- are stripped, and the result is length-limited. This makes the returned string safe to embed as a filename component, so format_patch can no longer be steered out of outdir via the commit subject. Until upgrading, callers that pass untrusted commits to porcelain.format_patch can use stdout=True and write the patch to a destination they control, rather than letting format_patch choose the filename; validate the chosen path before opening - e.g. compare os.path.realpath(returned_path) against os.path.realpath(outdir) and reject any patch whose resolved path is not inside outdir; and/or pre-screen commits and refuse to format any whose subject's first line contains /, \, .., or other characters that are not safe on the target filesystem.
CVSS v3.1
Score 3.3low
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability in Dulwich's porcelain.format_patch function arises because patch filenames are derived from commit subject lines without adequately sanitizing path separators, parent-directory components, or other unsafe filename characters. This allows a crafted commit subject to cause patch files to be written outside the specified output directory (path traversal). The flaw affects versions >=0.24.0 and <1.2.5. The fix in 1.2.5 updates dulwich.patch.get_summary to sanitize commit subjects similarly to git's format_sanitized_subject, restricting characters to alphanumerics, dots, and underscores, collapsing runs of unsafe characters, and stripping trailing unsafe characters, thus preventing directory escape via patch filenames.
Potential Impact
An attacker who can supply commit subjects to dulwich.porcelain.format_patch could cause patch files to be written outside the intended directory, potentially overwriting arbitrary files if the environment permits. The CVSS score is low (3.3) with no confidentiality or availability impact, only limited integrity impact. There are no known exploits in the wild.
Mitigation Recommendations
Users should upgrade to Dulwich version 1.2.5 or later where this vulnerability is fixed. Until upgrading, callers processing untrusted commits should use the stdout=True option to avoid automatic filename generation, validate resolved patch file paths to ensure they remain within the intended directory, and/or pre-screen commit subjects to reject those containing unsafe characters such as /, \, or .. in the first line. These mitigations reduce the risk of path traversal until an official fix is applied.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-19T21:29:25.481Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a29e5e331875706499a3998
Added to database: 6/10/2026, 10:32:03 PM
Last enriched: 6/10/2026, 10:46:18 PM
Last updated: 6/10/2026, 11:48:40 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.