PT-2026-38320

Name of the Vulnerable Software and Affected Versions gitoxide versions prior to 0.21.1 Description A malicious tree can be constructed that, when checked out, allows writing an attacker-controlled symlink into any directory where the user has write access. This occurs because gix fs::Stack::make...

Traversal outside working tree enables arbitrary code execution

Summary During checkout, gitoxide does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. Details Although gix-worktree-state checks for collisions with existing files, it does not...