Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo gix-worktree-state Security Advisories

Browse all Security Advisories for cargo gix-worktree-state

Loading...
Moderate
GSA_kwCzR0hTQS00OWpjLXI3ODgtM2ZjOc4AA8fX
gix refs and paths with reserved Windows device names access the devices
Ecosystems: cargo
Packages: gix-index, gix-ref, gix, gitoxide-core, gix-worktree, gitoxide, gix-worktree-state
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: 6 months ago
High
GSA_kwCzR0hTQS03dzQ3LTN3ZzgtNTQ3Y84AA8fW
gix traversal outside working tree enables arbitrary code execution
Ecosystems: cargo
Packages: gix-index, gitoxide-core, gix, gix-worktree, gix-fs, gitoxide, gix-worktree-state
Source: GitHub Advisory Database
Blast Radius: 24.8
Published: 6 months ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1
Ecosystems: 12
Filter by Package
openssl-src 26 ckb 22 wasmtime 19 rusqlite 16 deno 13 surrealdb 12 openssl 8 hyper 7 libpulse-binding 7 smallvec 6 sized-chunks 6 apollo-router 6 Simple-Wayland-HotKey-Daemon 6 cargo 6 cranelift-codegen 6 xcb 5 bottlerocket/update-operator 5 tauri 5 messagepack-rs 5 lock_api 5 comrak 5 evm 4 actix-web 4 tremor-script 4 pleaser 4 raw-cpuid 4 wasmtime 4 gitoxide 4 deno_runtime 4 surrealdb-core 4 tokio 4 solana_rbpf 3 acc_reader 3 arrow 3 crossbeam-channel 3 gitoxide-core 3 gix-path 3 ursa 3 quiche 3 anoncreds-clsignatures 3 routinator 3 russh 3 grin 3 ntpd 3 tough 3 cgc 3 crossbeam 3 s2n-quic 3 nanorand 3 slice-deque 3 flatbuffers 3 apache-avro 3 h2 3 arr 3 id-map 3 ammonia 3 fltk 3 matrix-sdk-crypto 3 s2n-tls 3 pallet-ethereum 3 wasm3 3 gix 3 pywasm3 3 rsa 2 rdiff 2 rust-embed 2 failure 2 streebog 2 bumpalo 2 oqs 2 nano-id 2 pyo3 2 array-macro 2 svix 2 biscuit-auth 2 arenavec 2 parc 2 quinn-proto 2 cocoon 2 derive-com-impl 2 lettre 2 stack_dst 2 trust-dns-server 2 pnet 2 vec-const 2 metrics-util 2 libp2p-core 2 lru 2 futures-util 2 gfx-auxil 2 bite 2 binjs_io 2 http 2 simple_asn1 2 flumedb 2 mopa 2 pallet-evm-precompile-modexp 2 ticketed_lock 2 gix-index 2 bronzedb-protocol 2 buffoon 2 rulex 2 crayon 2 diesel 2 cache 2 ozone 2 phonenumber 2 traitobject 2 csv-sniffer 2 opcua 2 zerocopy 2 image 2 ncurses 2 rand_core 2 toodee 2 slock 2 evm-core 2 abi_stable 2 memoffset 2 libgit2-sys 2 ordnung 2 reorder 2 rocket 2 inventory 2 tar 2 multiqueue 2 internment 2 v9 2 vm-memory 2 signal-simple 2 tiny_future 2 Deno 2 simple-slab 2 hyper-staticfile 2 gix-worktree-state 2 gix-worktree 2 slack-morphism 2 sequoia-openpgp 2 nix 2 async-h1 2 molecule 2 async-graphql 2 abomonation 2 sodiumoxide 2 syncpool 2 ash 2 actix-http 2 tectonic_xdv 2 coreos-installer 2 gix-transport 2 crypto2 2 generator 2 libsecp256k1 2 spin 2 mio 2 tor-circmgr 2 sha2 2 tower-http 2 github.com/CosmWasm/wasmvm 2 cosmwasm-vm 2 columnar 2 vodozemac 2 arti 2 net2 2 futures-task 2 Pillow 1 github.com/chai2010/webp 1 ink 1 ink_env 1 branca 1 multihash 1 hpack 1 SkiaSharp 1 electron 1 ripgrep 1 libwebp-sys 1 model 1 blurhash 1 iced-x86 1 libwebp-sys2 1 grep-cli 1 bam 1 ark-r1cs-std 1 actix-utils 1 aliyundrive-webdav 1 mdBook 1 aliyundrive-webdav 1 serde_v8 1 cassandra-cpp 1 magick.net-q8-x64 1 bigint 1 matrix-sdk 1 magick.net-q8-openmp-x64 1 async-coap 1 magick.net-q8-anycpu 1 ascii 1 git2 1 crossbeam-utils 1 magick.net-q16-x64 1 tracing 1