Sign In

CVE-2026-27735

ADVISORY - github

Summary

In mcp-server-git versions prior to 2026.1.14, the git_add tool did not validate that file paths provided in the files argument were within the repository boundaries. The tool used GitPython's repo.index.add(, which did not enforce working-tree boundary checks for relative paths. As a result, relative paths containing ../ sequences that resolved outside the repository were accepted and staged into the Git index, potentially allowing sensitive files to be exfiltrated via subsequent commit and push operations. The fix in PR #3164 switches to repo.git.add(), which delegates to the Git CLI and properly rejects out-of-tree paths. Users are advised to upgrade to 2026.1.14 or newer to remediate this issue.

mcp-server-git thanks https://hackerone.com/0dd-g for reporting and contributing the fix.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADVISORY - github

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in