6 matches found
CVE-2024-35197 vulnerabilities
Vulnerabilities for packages: cargo-audit...
CVE-2024-35197 vulnerabilities
Vulnerabilities for packages: cargo-audit...
CVE-2024-35197 gix refs and paths with reserved Windows device names access the devices
gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the...
CVE-2024-35197 gix refs and paths with reserved Windows device names access the devices
gitoxide is a pure Rust implementation of Git. On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the...
gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-35197 via gitoxide-core (>=0.10.5 <=0.1.0)
gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-35197 Source advisory: OSV:GHSA-49JC-R788-3FC9...
CVE-2024-35197
creationtimestamp| type| source ---|---|--- 2024-05-22 13:40:52+00:00| published-proof-of-concept| https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-49jc-r788-3fc9...