10 matches found
CVE-2026-27735
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. The tool used GitPython's repo.index.add, which did not enforce working-tree boundary checks for relative paths. As a result,...
EUVD-2026-8770
mcp-server-git : Path traversal in gitadd allows staging files outside repository boundaries...
GHSA-VJQX-CFC4-9H6V mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. The tool used GitPython's repo.index.add, which did not enforce working-tree boundary checks for relative paths. As a result,...
Model Context Protocol Servers 路径遍历漏洞
Model Context Protocol Servers are open-source large-scale context protocol servers under the Model Context Protocol. Versions prior to 2026.1.14 of Model Context Protocol Servers had a path traversal vulnerability. This vulnerability stemmed from the gitadd tool not verifying whether the file...
CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
CVE-2026-27735
CVE-2026-27735 affects the Model Context Protocol Servers (mcp-server-git) prior to version 2026.1.14. The git_add tool did not validate that file paths in the files argument stay within the repository, because it used GitPython's repo.index.add() instead of the Git CLI. This allowed relative pat...
CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
PT-2026-22055
Name of the Vulnerable Software and Affected Versions mcp-server-git versions prior to 2026.1.14 Description The Model Context Protocol Servers software contains an issue where the git add tool does not properly validate file paths provided in the files argument. This allows relative paths...