Package impact
PIP / GitPython
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42284 | critical | 9.8 | 9.8 | 21d ago | GitPython: Unsafe option check validates multi_options before shlex.split transformation | |
| CVE-2026-42215 | high | 8.8 | 8.8 | 21d ago | GitPython has Command Injection via Git options bypass | |
| CVE-2026-44244 | high | 7.8 | 7.8 | 21d ago | GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPath | |
| CVE-2026-44243 | high | 7.1 | 7.1 | 22d ago | GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository |