3 matches found
CVE-2026-40034 vulnerabilities
Vulnerabilities for packages: cargo-audit...
CVE-2026-40034
creationtimestamp| type| source ---|---|--- 2026-05-26 15:08:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmrbjkcv452o 2026-07-01 02:50:28+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-f26g-jm89-4g65...
CVE-2026-40034 gitoxide - Command Injection via Partial .gitmodules Override in gix-submodule
gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...