Package impact
PIP / GitPython
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42284 | critical | 9.8 | 9.8 | 27d ago | GitPython: Unsafe option check validates multi_options before shlex.split transformation | |||
| CVE-2026-42215 | high | 8.8 | 8.8 | 27d ago | GitPython has Command Injection via Git options bypass | |||
| CVE-2026-44244 | high | 7.8 | 7.8 | 27d ago | GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath | |||
| CVE-2026-44243 | high | 7.1 | 7.1 | 28d ago | GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository |