CVE-2026-44243

N/A Unknown
Published: May 07, 2026 Modified: May 07, 2026
View on NVD

Description

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repositoryโ€™s .git directory via insufficient validation of reference paths in reference creation, rename, and delete operations. This issue has been patched in version 3.1.48.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/gitpython-developers/GitPython/releases/tag/3.1.48
Source: security-advisories@github.com
https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-7545-fcxq-7j24
Source: security-advisories@github.com

2 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Related CVEs

CVE-2026-8086 5.3
CVE-2026-8084 3.3
CVE-2026-8083 7.3
CVE-2026-44742 7.2
CVE-2026-44244 7.8