5 matches found
CVE-2024-40644
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...
CVE-2024-40644
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...
CVE-2024-40644
The CVE-2024-40644 issue affects gitoxide’s gix-path on Windows. Affected code path allows a limited user to place a malicious git.exe in hard-coded fallback locations (C:/Program Files/Git/mingw64/bin or C:/Program Files (x86)/Git/mingw32/bin). gix-path’s env logic may directly execute that git....
CVE-2024-40644 gitoxide's gix-path can use a fake program files location
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...
CVE-2024-40644 gitoxide's gix-path can use a fake program files location
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...