pkg:PyPI/mcp-server-git

4 total CVEs

✅ Check your installed version

All known vulnerabilities

  • CVE-2026-27735mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
    from 0, < 2026.1.14
  • CVE-2025-68145mcp-server-git has missing path validation when using --repository flag
    from 0, < 2025.12.18
  • CVE-2025-68144mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files
    from 0, < 2025.12.18
  • CVE-2025-68143mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations
    from 0, < 2025.9.25