CVE-2026-42305
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk45th percentile - higher than 45% of all known CVEs
Summary
Dulwich, a pure-Python implementation of Git file formats and protocols, has a vulnerability leading to remote code execution via arbitrary file writes. Versions from 0.10.0 to prior to 1.2.5 are vulnerable when cloning or checking out a malicious Git repository on Windows.
Risk Assessment
Organizations may be exposed to remote code execution, potentially leading to data loss or system takeover. Users cloning or fetching untrusted repositories are particularly at risk.
Recommendation
It is recommended to upgrade to version 1.2.5 or later to mitigate this vulnerability. Users unable to upgrade should avoid cloning, fetching, or checking out untrusted repositories on Windows.
Original NVD description (English source)
Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accepted tree entries whose filenames contained bytes that Windows interprets as structural path syntax. Contributing configuration bugs made matters worse. The core.protectNTFS and core.protectHFS settings were looked up under a wrong option name and so user-set values were silently ignored, and core.protectNTFS only defaulted to true on Windows (Git upstream has defaulted it to true everywhere since CVE-2019-1353). Both have been corrected. Anyone who clones, fetches, or checks out an untrusted repository with Dulwich on Windows - either through the Dulwich CLI, porcelain.clone, or any downstream tool built on Dulwich - is impacted. POSIX clones are not directly exploitable (on POSIX \ is a literal filename byte), but a POSIX user can unknowingly propagate a malicious tree to Windows consumers via push or re-publication. This issue is fixed in Dulwich 1.2.5. Users should upgrade to 1.2.5 or later. There is no effective pre-patch workaround. On affected versions the core.protectNTFS configuration key was silently ignored, so setting it to true does not mitigate the issue. Users who cannot upgrade should avoid cloning, fetching, or checking out untrusted repositories with Dulwich on Windows. After upgrading the NTFS validator is on by default on every platform, so no additional configuration is required.

