This issue is for tracking the public vulnerability CVE-2023-41040:

In order to resolve some git references, GitPython reads files from the .git directory, in some places the name of the file being read is provided by the user, GitPython doesn't check if this file is located outside the .git directory. This allows an attacker to make GitPython read any file from the system.

Further details, including example code, are in CVE-2023-41040.

(I'm opening this issue based on the idea in #1635 (comment) that it's useful to have issues for these. This CVE has been mentioned in #1635, but if #1636 is merged then #1635 may be closed. #1636 fixes CVE-2023-40590 but does not also fix CVE-2023-41040.)