mcp-server-git Argument Injection Vulnerability in git_diff and git_checkout Functions Allowing Arbitrary File Overwrites
Vulnerability
A vulnerability exists in mcp-server-git versions prior to 2025.12.17: the git_diff and git_checkout functions passed user-controlled arguments directly to git CLI commands without sanitization. Because the values were not validated, a flag-like value (one beginning with a dash) was interpreted by git as a command-line option rather than as a git reference, which could lead to arbitrary file overwrites. The vulnerability has been addressed in version 2025.12.17, which adds validation that rejects arguments starting with a dash and requires each argument to resolve to a valid git reference before the command is executed.
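The two-layer check described above (reject dash-prefixed values, then require the value to resolve to a real reference), written as an added example that is not mcp-server-git's own code. Function names are hypothetical, and the resolution step assumes git 2.24 or later is on PATH for `--end-of-options`.

```python
"""Validating a caller-supplied git ref before it reaches the git CLI.
Added example, not mcp-server-git's code; function names are hypothetical."""
import re
import subprocess
from pathlib import Path

# A ref name or object id must not start with '-', otherwise git may parse it
# as an option. The character class is a conservative subset of what git allows.
_REF_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._/@-]*")


class InvalidRefError(ValueError):
    """Raised when a caller-supplied value must not be passed to git."""


def is_safe_ref(ref: str) -> bool:
    """Layer 1, lexical: rejects flag-like values and other non-ref strings."""
    if not ref or ref.startswith("-") or not _REF_RE.fullmatch(ref):
        return False
    # Sequences git itself refuses in ref names (see git check-ref-format).
    return ".." not in ref and not ref.endswith((".", "/"))


def resolve_ref(repo: Path, ref: str) -> str:
    """Layer 2: the value must resolve to a commit in this repository.
    Returns the full object id, which is hex only and therefore never
    mistakable for an option by a later git invocation."""
    if not is_safe_ref(ref):
        raise InvalidRefError(f"refusing argument {ref!r}")
    # --end-of-options (git >= 2.24, assumed) forces git to treat what follows
    # as an operand even if the lexical check were ever bypassed;
    # --verify makes unknown refs fail instead of being echoed back.
    proc = subprocess.run(
        ["git", "-C", str(repo), "rev-parse", "--verify", "--quiet",
         "--end-of-options", f"{ref}^{{commit}}"],
        capture_output=True, text=True,
    )
    if proc.returncode != 0:
        raise InvalidRefError(f"{ref!r} does not resolve to a commit")
    return proc.stdout.strip()


def git_diff(repo: Path, target: str) -> str:
    """Hardened form of the vulnerable pattern: only the resolved object id
    reaches `git diff`, never the raw string supplied by the caller."""
    oid = resolve_ref(repo, target)
    proc = subprocess.run(["git", "-C", str(repo), "diff", oid],
                          capture_output=True, text=True, check=True)
    return proc.stdout
```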
Impact
Exploitation of this vulnerability could result in unauthorized overwriting of local files, as user-controlled arguments were passed directly to git commands without sanitization.
Remediation
Users are advised to update to version 2025.12.17 or later to address this vulnerability.
