6 matches found
EUVD-2026-8770
mcp-server-git : Path traversal in gitadd allows staging files outside repository boundaries...
CVE-2026-27735
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
CVE-2026-27735
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...
CVE-2026-27735
CVE-2026-27735 affects the Model Context Protocol Servers (mcp-server-git) prior to version 2026.1.14. The git_add tool did not validate that file paths in the files argument stay within the repository, because it used GitPython's repo.index.add() instead of the Git CLI. This allowed relative pat...
CVE-2026-27735 mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries
Model Context Protocol Servers is a collection of reference implementations for the model context protocol MCP. In mcp-server-git versions prior to 2026.1.14, the gitadd tool did not validate that file paths provided in the files argument were within the repository boundaries. Because the tool us...