4 matches found
CVE-2025-68143
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other too...
CVE-2025-68143
CVE-2025-68143 affects the mcp-server-git component. Prior to 2025.9.25, the git_init tool accepted arbitrary filesystem paths and could create Git repositories in any directory accessible to the server process without validating the target location, enabling repository creation at unintended loc...
GHSA-5CGR-J3JF-JW3V mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations
In mcp-server-git versions prior to 2025.9.25, the gitinit tool accepted arbitrary filesystem paths and created Git repositories without validating the target location. Unlike other tools which required an existing repository, gitinit could operate on any directory accessible to the server proces...
PT-2025-51936
Name of the Vulnerable Software and Affected Versions mcp-server-git versions prior to 2025.9.25 mcp-server-git versions prior to 2025.12.18 Description The Model Context Protocol Servers, specifically the mcp-server-git component, contains a flaw in the git init tool. Prior to version 2025.9.25,...