PT-2026-37179 · Pypi · Gitpython
Wesr · Published 2026-04-25 · Updated 2026-05-26 · CVE-2026-42215
CVSS v2.0: 9.0 (High) · Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: GitPython versions 3.1.30 through 3.1.46

Description: GitPython fails to properly validate certain Python keyword arguments, allowing a bypass of the safety checks intended to block dangerous Git options. The library blocks options such as --upload-pack and --receive-pack by default, but passing the underscore-form keyword arguments upload_pack and receive_pack bypasses this validation, because the check runs before the keyword arguments are normalized into command-line flags. If an application passes attacker-controlled keyword arguments into any of the following functions, this can lead to arbitrary command execution even when allow_unsafe_options is set to False:
  • Repo.clone_from()
  • Remote.fetch()
  • Remote.pull()
  • Remote.push()

Recommendations: Update GitPython to version 3.1.47. As a temporary workaround, avoid passing user-controlled input into the upload_pack and receive_pack parameters of the Repo.clone_from(), Remote.fetch(), Remote.pull(), and Remote.push() functions.
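The root cause described above is an ordering bug: the option check compares raw keyword names, but the names are only turned into flags afterwards, so the dashed and underscored spellings of the same option are treated differently. The following is an added, illustrative application-side guard, not GitPython's own code. It assumes an application that builds a keyword-argument dictionary from external input and forwards it to a GitPython call such as Repo.clone_from() or Remote.fetch(); the validator first normalizes every keyword name into the long flag it would become (underscores collapsed to dashes, "--" prefixed; short single-letter options are out of scope here) and only then compares it against the blocked options, so upload_pack, upload-pack and --upload-pack are all rejected alike. The guard does not depend on the library being installed and runs stand-alone.

```python
"""Application-side guard for Git option keyword arguments.

Illustrative example, not GitPython's code. Assumes the caller forwards the
validated dict as **kwargs to Repo.clone_from(), Remote.fetch(), Remote.pull()
or Remote.push(). The check is performed on the *normalized* flag form, which
is the ordering the advisory says the vulnerable versions got wrong.
"""
from typing import Any, Dict, Iterable

# Options the advisory names as dangerous: both let the remote side choose a
# program that git runs locally.
BLOCKED_FLAGS = frozenset({"--upload-pack", "--receive-pack"})


class UnsafeGitOptionError(ValueError):
    """Raised when a keyword argument would expand to a blocked Git flag."""


def normalize_flag(name: str) -> str:
    """Map a keyword-argument name to the long Git flag it would become.

    Long keyword names such as upload_pack become "--upload-pack"; the
    relevant detail is that dashes and underscores collapse to one spelling,
    so the comparison below cannot be dodged by choosing the other one.
    """
    flag = name.strip().lstrip("-").replace("_", "-").lower()
    return "--" + flag


def validate_git_kwargs(kwargs: Dict[str, Any],
                        blocked: Iterable[str] = BLOCKED_FLAGS) -> Dict[str, Any]:
    """Return kwargs unchanged if none of them normalize to a blocked flag."""
    blocked_set = {normalize_flag(b) for b in blocked}
    for key in kwargs:
        flag = normalize_flag(key)
        if flag in blocked_set:
            raise UnsafeGitOptionError(
                f"keyword argument {key!r} would pass {flag} to git")
    return kwargs


def is_safe(kwargs: Dict[str, Any]) -> bool:
    """Convenience predicate: True when validate_git_kwargs() accepts kwargs."""
    try:
        validate_git_kwargs(kwargs)
    except UnsafeGitOptionError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample inputs: the dashed form (blocked by the library
    # itself), the underscored form (the bypass the advisory describes) and a
    # harmless option set that must still be allowed.
    samples = (
        {"upload-pack": "placeholder"},
        {"upload_pack": "placeholder"},
        {"receive_pack": "placeholder"},
        {"depth": 1, "branch": "main"},
    )
    for sample in samples:
        print(sample, "->", "allowed" if is_safe(sample) else "rejected")
```

Calling validate_git_kwargs() on the dictionary immediately before the GitPython call turns the workaround in the recommendations into an enforced check rather than a convention; upgrading to 3.1.47 remains the actual fix.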

Exploit

Fix

RCE

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2026-06621
CVE-2026-42215
GHSA-RPM5-65CW-6HJ4
OESA-2026-2306
OESA-2026-2307
OESA-2026-2308
OPENSUSE-SU-2026:10758-1
USN-8303-1

Affected Products

Gitpython