gitoxide Security Advisories - Cargo | Ecosyste.ms: Advisories

gitoxide

cargo

A command-line application for interacting with git repositories

View on github.com · View on crates.io

Security Advisories for gitoxide in cargo

High

26 days ago

gix and gitoxide: unvalidated submodule name traverses out of .git/modules and redirects state() / open() to another repository GSA_kwCzR0hTQS1mcjh4LTN2ZngtZjQ1aM4ABWMo

cargo gix, gitoxide

High

26 days ago

gix and gitoxide's symlinked .gitmodules are followed and parsed from outside of the repository GSA_kwCzR0hTQS1wZzR3LWc2NHAtcXdoas4ABWMn

cargo gix, gitoxide

Moderate

about 1 year ago

gitoxide does not detect SHA-1 collision attacks GSA_kwCzR0hTQS0yZnJ4LTI1OTYteDVyNs4ABGbF

cargo gix-worktree-state, gix-worktree, gix-traverse, gix-status, gix-revwalk, gix-revision, gix-ref, gix-protocol, gix-negotiate, gix-merge, gix-fsck, gix-filter, gix-discover, gix-dir, gix-diff, gix-config, gix-blame, gix-archive, gix, gitoxide-core, gitoxide, gix-pack, gix-odb, gix-object, gix-index, gix-commitgraph, gix-features

Potential

Moderate

over 1 year ago

gix-worktree-state nonexclusive checkout sets executable files world-writable GSA_kwCzR0hTQS1mcW1mLXc0eGgtMzNyaM4ABDo5

cargo gix-worktree-state

Low

almost 2 years ago

gitoxide-core does not neutralize special characters for terminals GSA_kwCzR0hTQS04OGcyLXI5cnctZzU1aM4AA-4b

cargo gitoxide, gitoxide-core

Moderate

about 2 years ago

gix refs and paths with reserved Windows device names access the devices GSA_kwCzR0hTQS00OWpjLXI3ODgtM2ZjOc4AA8fX

cargo gix-index, gix-ref, gix, gitoxide-core, gix-worktree, gitoxide, gix-worktree-state

High

about 2 years ago

gix traversal outside working tree enables arbitrary code execution GSA_kwCzR0hTQS03dzQ3LTN3ZzgtNTQ3Y84AA8fW

cargo gix-index, gitoxide-core, gix, gix-worktree, gix-fs, gitoxide, gix-worktree-state

Moderate

about 2 years ago

gix-transport indirect code execution via malicious username GSA_kwCzR0hTQS05OHA0LXhqbW0tOG1maM4AA7Bc

cargo gitoxide, gix, gix-transport

Potential

Moderate

over 2 years ago

gix-transport code execution vulnerability GSA_kwCzR0hTQS1ycmp3LWo0bTItbWYzNM4AA2CW

cargo gix-transport

Filter by Severity

Moderate 5 High 3 Low 1

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories

gitoxide

gix and gitoxide: unvalidated submodule name traverses out of .git/modules and redirects state() / open() to another repository GSA_kwCzR0hTQS1mcjh4LTN2ZngtZjQ1aM4ABWMo

gix and gitoxide's symlinked .gitmodules are followed and parsed from outside of the repository GSA_kwCzR0hTQS1wZzR3LWc2NHAtcXdoas4ABWMn

gitoxide does not detect SHA-1 collision attacks GSA_kwCzR0hTQS0yZnJ4LTI1OTYteDVyNs4ABGbF

gix-worktree-state nonexclusive checkout sets executable files world-writable GSA_kwCzR0hTQS1mcW1mLXc0eGgtMzNyaM4ABDo5

gitoxide-core does not neutralize special characters for terminals GSA_kwCzR0hTQS04OGcyLXI5cnctZzU1aM4AA-4b

gix refs and paths with reserved Windows device names access the devices GSA_kwCzR0hTQS00OWpjLXI3ODgtM2ZjOc4AA8fX

gix traversal outside working tree enables arbitrary code execution GSA_kwCzR0hTQS03dzQ3LTN3ZzgtNTQ3Y84AA8fW

gix-transport indirect code execution via malicious username GSA_kwCzR0hTQS05OHA0LXhqbW0tOG1maM4AA7Bc

gix-transport code execution vulnerability GSA_kwCzR0hTQS1ycmp3LWo0bTItbWYzNM4AA2CW

Filter by Severity