Impact
GitPython treats reference names supplied by an application as direct file paths inside its internal .git directory. The library fails to reject reference names that contain path traversal sequences or relative components, allowing an attacker to construct a reference name that points outside the intended repository directory. Consequently, the application can create, overwrite, move, or delete any file that the process can write, enabling malicious code or configuration changes to be injected beyond the bounds of the repository. The impact is a potential compromise of the application's integrity and, depending on the file types written, could enable remote code execution or data tampering.
Affected Systems
The vulnerability affects all versions of GitPython distributed by the gitpython-developers community that are older than release 3.1.48. Any installation that imports the library to construct, rename, or delete Git references using user-supplied paths is potentially exposed.
Risk and Exploitability
The CVSS score of 7.8 indicates a high-severity vulnerability. While no EPSS value is currently published, the lack of publicly documented exploits and its exclusion from the CISA KEV catalog suggest that exploitation has not yet been observed at scale. Nonetheless, the attack is feasible for any user or remote attacker who can influence the reference name passed to the library, making the risk significant, especially for applications exposed to untrusted input. The primary vector is local or remote code injection via crafted reference paths, with exploitation requiring the ability to invoke the vulnerable GitPython APIs.
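Applications that cannot upgrade immediately, or that want defence in depth regardless of library version, should validate reference names themselves before any GitPython call. The following is an added example written for this page; it is not GitPython's own code and not part of the advisory. It applies git's own reference-name rules (the ones `git check-ref-format` enforces, which reject `..`, leading `/`, `.`-prefixed components and similar traversal shapes) and then independently checks that the name cannot resolve outside the `.git` directory. The `git_dir` paths in the comments and the `safe_ref_name` helper are assumptions for illustration; `repo.create_head()` is named only as the kind of call the validated name would be passed to.

```python
import os
import re

# Characters git itself forbids in reference names: ASCII control characters,
# DEL, space, and the shell/refspec metacharacters ~ ^ : ? * [ \ .
_BAD_CHARS = re.compile(r"[\x00-\x1f\x7f ~^:?*\[\\]")


def is_valid_ref_name(name: str, allow_onelevel: bool = False) -> bool:
    """Return True only if `name` satisfies git's reference-name rules.

    These rules reject every traversal shape the advisory describes
    ("..", a leading "/", empty or "."-prefixed components) as a side effect
    of being valid git syntax, so nothing path-like reaches the library.
    """
    if not name or name == "@":
        return False
    if name.startswith("/") or name.endswith("/") or "//" in name:
        return False
    if _BAD_CHARS.search(name) or ".." in name or "@{" in name:
        return False
    if name.endswith(".") or name.endswith(".lock"):
        return False
    components = name.split("/")
    # git requires at least two components unless one-level names are allowed
    # (e.g. HEAD); most applications only ever create refs/heads/... names.
    if not allow_onelevel and len(components) < 2:
        return False
    for component in components:
        if component.startswith(".") or component.endswith(".lock"):
            return False
    return True


def resolves_inside(git_dir: str, ref_name: str) -> bool:
    """Defence in depth: confirm git_dir/ref_name cannot escape git_dir.

    Independent of the syntactic rules above, so a gap in those rules still
    cannot turn a reference name into a path outside the .git directory.
    """
    base = os.path.abspath(git_dir)
    target = os.path.abspath(os.path.join(base, ref_name))
    try:
        return os.path.commonpath([base, target]) == base
    except ValueError:  # paths on different drives (Windows)
        return False


def safe_ref_name(git_dir: str, ref_name: str) -> str:
    """Validate a user-supplied reference name before handing it to GitPython.

    Assumed helper: raises ValueError instead of letting a traversal sequence
    reach the library. The returned name is what a caller would then pass to,
    for example, repo.create_head(). `git_dir` is the repository's .git path.
    """
    if not is_valid_ref_name(ref_name):
        raise ValueError(f"rejected reference name: {ref_name!r}")
    if not resolves_inside(git_dir, ref_name):
        raise ValueError(f"reference name escapes git dir: {ref_name!r}")
    return ref_name


if __name__ == "__main__":
    # Constructed sample inputs: a legitimate branch ref and traversal attempts.
    for candidate in ("refs/heads/feature/login",
                      "refs/heads/../../../tmp/evil",
                      "../../hooks/pre-commit",
                      "refs/heads/foo.lock"):
        try:
            print("accepted:", safe_ref_name("/tmp/repo/.git", candidate))
        except ValueError as exc:
            print("rejected:", exc)
```

The two checks deliberately overlap: the syntactic rules mirror what git accepts, so a name that passes them also works with every git tool, while the path-containment check is the property the vulnerability actually violates and is worth asserting on its own. Logging the rejections gives detection a signal for crafted reference names arriving from untrusted input.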