Lucene search
+L

5 matches found

cgr
cgr
added 2025/03/21 10:12 a.m.28 views

CVE-2024-35186 vulnerabilities

Vulnerabilities for packages: cargo-audit...

8.8CVSS7.1AI score0.00816EPSS
Exploits0
osv
osv
added 2024/05/23 9:15 a.m.2 views

DEBIAN-CVE-2024-35186

gitoxide is a pure Rust implementation of Git. During checkout, gix-worktree-state does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of...

8.8CVSS5.5AI score0.00816EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2024/05/23 9:15 a.m.8 views

CVE-2024-35186

gitoxide is a pure Rust implementation of Git. During checkout, gix-worktree-state does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of...

8.8CVSS5.9AI score0.00816EPSS
Exploits0References5
osv
osv
added 2024/05/23 8:55 a.m.5 views

CVE-2024-35186 gix traversal outside working tree enables arbitrary code execution

gitoxide is a pure Rust implementation of Git. During checkout, gix-worktree-state does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of...

8.8CVSS8.4AI score0.00816EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2024/05/22 2:5 p.m.6 views

gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-35186 via gitoxide-core (>=0.10.5 <=0.1.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-35186 Source advisory: OSV:GHSA-7W47-3WG8-547C...

8.8CVSS5.8AI score0.00816EPSS
Exploits0
Rows per page
Query Builder