CVE-2026-44243
Published 2026-05-07
Priority P3 · 34 · high · 7.1 (CVSS 3.1)
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:N / I:H / A:H
EPSS: 0.42% (33.6th percentile)
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory via insufficient validation of reference paths in reference creation, rename, and delete operations. This issue has been patched in version 3.1.48.
Affected
31 ranges (showing 25)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform-26 | controller-rhel9 | — | — |
| ansible-automation-platform-26 | hub-rhel9 | — | — |
| exploit-intelligence-tech-preview | vulnerability-analysis-rhel9 | — | — |
| gitpython-developers | gitpython | < 3.1.48 | 3.1.48 |
| gitpython_project | gitpython | < 3.1.48 | 3.1.48 |
| gitpython_project | gitpython | — | — |
| gitpython_project | gitpython | >= 0 < 3.1.48 | 3.1.48 |
| mta | mta-solution-server-rhel9 | — | — |
| openshift4 | microshift-bootc-rhel9 | — | — |
| pen-drive | pen-drive-scanner-rhel9 | — | — |
| rhaiis | vllm-cpu-rhel9 | — | — |
| rhaiis | vllm-tpu-rhel9 | — | — |
| rhelai3 | bootc-cuda-rhel9 | — | — |
| rhelai3 | bootc-rocm-rhel9 | — | — |
| rhelai3 | disk-image-cuda-rhel9 | — | — |
| rhoai | odh-mlflow-rhel9 | — | — |
| rhoai | odh-training-cuda128-torch29-py312-rhel9 | — | — |
| rhoai | odh-trustyai-nemo-guardrails-server-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-datascience-cpu-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-cpu-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-minimal-rocm-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9 | — | — |
| rhoai | odh-workbench-jupyter-pytorch-rocm-py312-rhel9 | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
| nvd | v4.0 | 7.8 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vendor_redhat | — | 7.1 | HIGH | — |
| vendor_ubuntu | — | 6.5 | MEDIUM | — |
Ubuntu
GitPython vulnerabilities
vendor_ubuntu·2026-05-26·CVSS 6.5
CVE-2026-42215 [MEDIUM] GitPython vulnerabilities
Title: GitPython vulnerabilities
Summary: Several security issues were fixed in GitPython.
Santos Gallegos discovered that GitPython did not properly validate paths when resolving certain Git references. An attacker could possibly use this issue to cause files outside the .git directory to be accessed, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2023-41040)

Wes Ring discovered that GitPython did not properly block certain unsafe Git options when they were provided as Python keyword arguments. An attacker could possibly use this issue to cause arbitrary command execution. (CVE-2026-42215)

It was discovered that GitPython did not properly validate clone options before processin
Red Hat
GitPython: GitPython: Arbitrary file write via crafted reference paths
vendor_redhat·2026-05-07·CVSS 7.1
CVE-2026-44243 [HIGH] CWE-22 GitPython: GitPython: Arbitrary file write via crafted reference paths
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory via insufficient validation of reference paths in reference creation, rename, and delete operations. This issue has been patched in version 3.1.48.
A flaw was found in GitPython, a Python library used to interact with Git repositories. This vulnerability allows attackers to supply a specially crafted reference path to an application utilizing GitPython. Due to insufficient validation of these paths during reference creation,
VulDB
gitpython-developers GitPython up to 3.1.47 path traversal
vuldb·2026-05-07·CVSS 7.8
CVE-2026-44243 [HIGH] gitpython-developers GitPython up to 3.1.47 path traversal
A vulnerability has been found in gitpython-developers GitPython up to 3.1.47 and classified as critical. This impacts an unknown function. The manipulation leads to path traversal.
This vulnerability is documented as CVE-2026-44243. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.
GHSA
GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository
ghsa·2026-05-06
CVE-2026-44243 [HIGH] CWE-22 GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository
## 🧾 Summary
A vulnerability in **GitPython** allows **attackers who can supply a crafted reference path to an application using GitPython** to **write, overwrite, move, or delete files outside the repository’s `.git` directory** via **insufficient validation of reference paths in reference creation, rename, and delete operations**.
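The summary above describes the failure shape: a reference name that is really a filesystem path reaching a loose-ref create, rename or delete operation and landing outside `.git`. As an added example (not GitPython's own code and not the fix shipped in 3.1.48), the following Python shows an application-side guard an integrator can place in front of such calls. It applies the naming rules documented for `git check-ref-format`, confirms the loose-ref path still lies under the repository's `.git` directory after `..` and symlink resolution, and checks an installed version string against the patched release. The function names, the `refs/heads/` default for bare branch names and the constructed sample inputs are assumptions of this example.

```python
"""Application-side guard for user-supplied Git reference names.

Added example, not GitPython's own code or the fix shipped in 3.1.48.
It models the failure described for CVE-2026-44243: a reference name that is
really a path (``../../outside``, an absolute path, ...) reaching a loose-ref
create/rename/delete operation and landing outside ``.git``.
"""
from pathlib import Path

PATCHED_VERSION = (3, 1, 48)  # first GitPython release with the fix, per the advisory

# Characters git refuses in reference names (see `git check-ref-format`).
_FORBIDDEN_CHARS = set(" ~^:?*[\\")


def is_safe_ref_name(name: str) -> bool:
    """Return True if `name` satisfies git's reference-naming rules.

    Rejecting "..", a leading "/" and ":" also removes the traversal and
    absolute-path shapes (POSIX paths and Windows drive letters) that would
    escape the refs tree once the name is joined onto a filesystem path.
    """
    if not name or name == "@":
        return False
    if name.startswith("/") or name.endswith("/") or name.endswith("."):
        return False
    if "//" in name or ".." in name or "@{" in name:
        return False
    for ch in name:
        if ord(ch) < 0x20 or ord(ch) == 0x7F or ch in _FORBIDDEN_CHARS:
            return False
    for component in name.split("/"):
        if component.startswith(".") or component.endswith(".lock"):
            return False
    return True


def resolve_loose_ref_path(git_dir: str, name: str) -> Path:
    """Map a reference name to the loose-ref file it would occupy under git_dir.

    Names without a "refs/" prefix are treated as branches (an assumption of
    this example). The result is checked to lie inside git_dir even after
    `..` and symlink resolution, as defence in depth behind is_safe_ref_name().
    """
    if not is_safe_ref_name(name):
        raise ValueError(f"rejected reference name: {name!r}")
    full_name = name if name.startswith("refs/") else f"refs/heads/{name}"
    base = Path(git_dir).resolve()
    target = (base / full_name).resolve()
    try:
        target.relative_to(base)
    except ValueError:
        raise ValueError(f"reference path escapes {base}: {target}") from None
    return target


def gitpython_is_patched(version: str) -> bool:
    """True when an installed GitPython version string is >= 3.1.48."""
    parts = []
    for piece in version.split("."):
        digits = ""
        for ch in piece:  # keep the leading numeric run, drop suffixes like "rc1"
            if not ch.isdigit():
                break
            digits += ch
        parts.append(int(digits) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3]) >= PATCHED_VERSION


if __name__ == "__main__":
    # Constructed inputs standing in for reference names received from a request.
    samples = [
        "feature/login",
        "refs/tags/v1.2.0",
        "../../outside",
        "/etc/passwd",
        "refs/heads/main.lock",
        "branch@{1}",
    ]
    for candidate in samples:
        try:
            print(f"{candidate!r:24} -> {resolve_loose_ref_path('repo/.git', candidate)}")
        except ValueError as exc:
            print(f"{candidate!r:24} -> REJECTED ({exc})")
    print("GitPython 3.1.47 patched?", gitpython_is_patched("3.1.47"))
```

The name check is the primary control and the `relative_to` check is the backstop: if a future naming rule is missed, a name can still only produce a file inside `.git`. Upgrading to 3.1.48 remains the actual fix; the guard only limits what an unpatched deployment will forward to the library.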
---
## 📦 Affected Versions
* Affected: `
---
## 💥 Impact
### What can an attacker do?
* Create or overwrite files outside the repository metadata directory
* Delete attacker-chosen files reachable from the process permissions
* Corrupt application state or configuration files
No detection rules found.
No public exploits indexed.
Published: 2026-05-07