mcp-server-git@0.5.0 vulnerabilities

A Model Context Protocol server providing tools to read, search, and manipulate Git repositories programmatically via LLMs

  • latest version

    2025.12.18

  • latest non vulnerable version

  • first published

    1 year ago

  • latest version published

    14 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the mcp-server-git package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable Version
    • M
    Arbitrary Argument Injection

    mcp-server-git is a Model Context Protocol server providing tools to read, search, and manipulate Git repositories programmatically via LLMs.

    Affected versions of this package are vulnerable to Arbitrary Argument Injection via the git_diff() and git_checkout() functions. An attacker can overwrite arbitrary local files by supplying specially crafted arguments (e.g., --output=/path/to/file for git_diff) that are interpreted as command-line options by the underlying git CLI.

    How to fix Arbitrary Argument Injection?

    Upgrade mcp-server-git to version 2025.12.18 or higher.

    [,2025.12.18)
    • M
    Directory Traversal

    Affected versions of this package are vulnerable to Directory Traversal via improper validation of the repo_path argument when the --repository flag is used. An attacker can access or manipulate repositories outside the intended directory by supplying crafted paths.

    How to fix Directory Traversal?

    Upgrade mcp-server-git to version 2025.11.25 or higher.

    [,2025.11.25)
    • M
    Directory Traversal

    Affected versions of this package are vulnerable to Directory Traversal via the git_init tool. An attacker can create repositories at arbitrary filesystem locations by supplying crafted paths, potentially enabling unauthorized access or manipulation of files and directories accessible to the server process.

    How to fix Directory Traversal?

    Upgrade mcp-server-git to version 2025.9.25 or higher.

    [,2025.9.25)
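
    The two input checks these entries call for, as an added example (not mcp-server-git's own code or its actual fix): a revision argument must not be parseable as a git option, and repo_path must resolve inside the directory the server was started for. The names `safe_revision`, `resolve_repo`, `build_diff_argv` and `allowed_root` are assumptions made for illustration.

```python
from pathlib import Path


class RejectedArgument(ValueError):
    """Raised when a tool argument would be unsafe to hand to git."""


def safe_revision(value: str) -> str:
    """Return value unchanged if git cannot mistake it for an option."""
    # A leading '-' is what turns "--output=/path/to/file" into a git flag.
    if not value or value.startswith("-"):
        raise RejectedArgument(f"revision looks like an option: {value!r}")
    if any(ch in value for ch in "\x00\n\r"):
        raise RejectedArgument("control character in revision")
    return value


def resolve_repo(allowed_root: str, repo_path: str) -> Path:
    """Resolve repo_path and require it to stay inside allowed_root."""
    root = Path(allowed_root).resolve()
    # resolve() collapses '..' and follows symlinks; an absolute repo_path
    # replaces root entirely and is then caught by the containment check.
    candidate = (root / repo_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise RejectedArgument(f"{repo_path!r} is outside {root}")
    return candidate


def build_diff_argv(allowed_root: str, repo_path: str, target: str) -> list[str]:
    """Build an argv list (never a shell string) for a read-only diff."""
    repo = resolve_repo(allowed_root, repo_path)
    # --end-of-options (git 2.24+) stops option parsing before the revision,
    # a second layer behind the leading-dash check.
    return ["git", "-C", str(repo), "diff", "--end-of-options",
            safe_revision(target)]
```

    The same `resolve_repo` check applies to any tool that takes a path, including one that creates a repository, before the path reaches git.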