DEBIAN-CVE-2026-44471
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries...
CVE-2026-44471
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries...
CVE-2026-44471 gitoxide: Symlink prefix-reuse allows worktree escape during checkout
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlink index entries...
GHSA-2FC9-XPP8-2G9H `@backstage/backend-common` vulnerable to path traversal through symlinks
Impact: Path checks with the resolveSafeChildPath utility were not exhaustive enough, leading to risk of path traversal vulnerabilities if symlinks can be injected by attackers. Patches: Patched in @backstage/backend-common version 0.21.1. Patched in @backstage/backend-common version 0.20.2. Patch...
GLSA-202312-08 : LibRaw: Heap Buffer Overflow
The remote host is affected by the vulnerability described in GLSA-202312-08 LibRaw: Heap Buffer Overflow - A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex caused by a maliciously crafted file may lead to an application crash. CVE-2023-1729 Note that Nessus has not tested for th...
-lidonghui (=1.0.0), -tompan-reacttemplate (>=1.0.1 <=1.1.0) +54346 more potentially affected by CVE-2021-3749 via axios (>=0.10.0 <=0.21.1)
axios NPM version =0.10.0, =1.0.1, =1.0.1, =1.0.0, =1.0.1 - 03-asenkronsdasdsadavehttprequest =1.0.0 - 04-17 =1.0.0 - 04-17zy =1.0.0 - 04-a =1.0.0 - 04-code =1.0.0 - 05-clima-mundo =1.0.0 - 0726react =0.1.1 - 0a =1.0.0 - 0c =1.0.0 and more Source cves: CVE-2021-3749 Source advisory:...
CVE-2021-29511
evm is a pure Rust implementation of Ethereum Virtual Machine. Prior to the patch, when executing specific EVM opcodes related to memory operations that use evm_core::Memory::copy_large, the evm crate can over-allocate memory when it is not needed, making it possible for an attacker to perform...
PT-2021-18262 · Evm · Evm
Name of the Vulnerable Software and Affected Versions: evm versions prior to 0.21.1; evm versions prior to 0.23.1; evm versions prior to 0.24.1; evm versions prior to 0.25.1; evm versions prior to 0.26.1. Description: The issue is related to the execution of specific EVM opcodes that use evm...
P11-glue P11-kit Input Validation Error Vulnerability
P11-glue P11-kit is a utility software for loading and enumerating PKCS modules by the individual developer of P11-glue. An input validation error vulnerability exists in P11-glue P11-kit versions 0.21.1 through 0.23.21. No information about this vulnerability is available at this time, so stay...