CVE-2026-44243
GitPython Path Traversal Vulnerability
Publication date: 2026-05-07
Last updated on: 2026-05-07
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gitpython_project | gitpython | to 3.1.48 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in GitPython allows attackers to write, overwrite, move, or delete files outside the repositoryβs .git directory by exploiting insufficient validation of reference paths. This unauthorized file manipulation can lead to corruption of application state or denial of service.
Such unauthorized access and potential data corruption could impact compliance with standards and regulations like GDPR and HIPAA, which require protection of data integrity, confidentiality, and availability. If sensitive data or system files are affected, organizations using vulnerable versions of GitPython might face risks related to data breaches or service disruptions, potentially violating these regulations.
Therefore, it is important for organizations to apply the patch (version 3.1.48 or later) to mitigate these risks and maintain compliance with relevant security and data protection standards.
Can you explain this vulnerability to me?
CVE-2026-44243 is a path traversal vulnerability in the GitPython library, which is used to interact with Git repositories. The vulnerability arises because GitPython versions prior to 3.1.48 do not sufficiently validate reference paths during creation, rename, and delete operations. This allows an attacker who can supply a crafted reference path to write, overwrite, move, or delete files outside the repository's .git directory.
The issue occurs because while paths are checked when read, they are not properly validated before filesystem write operations, enabling unauthorized file system modifications outside the intended repository boundaries.
How can this vulnerability impact me? :
This vulnerability can allow attackers to modify or delete files outside the Git repository's .git directory by supplying crafted reference paths. Such unauthorized file system access can lead to corruption of application state or cause denial of service conditions.
Applications that expose GitPython reference operations to user-controlled input, such as CI/CD helpers, repository management backends, and developer platforms, are particularly at risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves insufficient validation of reference paths in GitPython, allowing crafted reference paths to write, overwrite, move, or delete files outside the repositoryβs .git directory.
Detection involves identifying if your system or applications use GitPython versions prior to 3.1.48 and whether they accept user-controlled input for Git reference operations.
Since the vulnerability is exploited by supplying crafted reference paths, monitoring or logging unusual filesystem operations related to Git references or unexpected file modifications outside the .git directory may help detect exploitation attempts.
Specific commands to detect this vulnerability are not provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade GitPython to version 3.1.48 or later, where this vulnerability has been patched.
Additionally, ensure that applications using GitPython do not expose reference operations to untrusted or user-controlled input without proper validation.
Validate reference paths before performing filesystem write, rename, or delete operations to ensure they remain within the repository boundaries.