3 matches found
UBUNTU-CVE-2026-44471
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries...
CVE-2026-44471 gitoxide: Symlink prefix-reuse allows worktree escape during checkout
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries...
CVE-2026-44471
creationtimestamp| type| source ---|---|--- 2026-04-30 10:26:58+00:00| published-proof-of-concept| https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-f89h-2fjh-2r9q...