4 matches found
Directory Traversal
Overview mcp-server-git is an A Model Context Protocol server providing tools to read, search, and manipulate Git repositories programmatically via LLMs Affected versions of this package are vulnerable to Directory Traversal via improper validation of the path validation in repopath argument when...
EUVD-2025-204002
mcp-server-git has missing path validation when using --repository flag...
mcp-server-git has missing path validation when using --repository flag
In mcp-server-git versions prior to 2025.12.18, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...
CVE-2025-68145 mcp-server-git has missing path validation when using --repository flag
In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repopath arguments in subsequent tool calls were actually within that configured path. This could allow tool calls t...