CVE-2026-42215 GitPython: Command injection via Git options bypass

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...

CVE-2026-42215

GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an...

GitPython 操作系统命令注入漏洞

GitPython is a Python library developed by gitpython-developers, used for interacting with Git repositories. Versions of GitPython from 3.1.30 to 3.1.47 contained an operating system command injection vulnerability. This vulnerability stemmed from allowing dangerous Git options without proper...