gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2025-31130 via gitoxide-core (>=0.10.5 <=0.3.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2025-31130 Source advisory: OSV:GHSA-2FRX-2596-X5R6...

gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-43785 via gitoxide-core (>=0.10.5 <=0.3.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-43785 Source advisory: OSV:GHSA-88G2-R9RW-G55H...

gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

GHSA-88G2-R9RW-G55H gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

CVE-2024-43785

CVE-2024-43785 involves gitoxide-core (and its gix/ein commands) not neutralizing special characters in terminal output. The root cause is that newlines, backspaces, and control characters—including ANSI escape sequences—are not sanitized in repository metadata (paths, author/committer names, com...

CVE-2024-43785 gitoxide-core does not neutralize special characters for terminals

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a...

CVE-2024-43785 gitoxide-core does not neutralize special characters for terminals

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a...

CVE-2024-43785 gitoxide-core does not neutralize special characters for terminals

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters—including those that form ANSI escape sequences—that appear in a...

gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-43785 via gitoxide-core (>=0.10.5 <=0.9.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-43785 Source advisory: OSV:RUSTSEC-2024-0364...

RUSTSEC-2024-0364 gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-35197 via gitoxide-core (>=0.10.5 <=0.1.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-35197 Source advisory: OSV:GHSA-49JC-R788-3FC9...

gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2024-35186 via gitoxide-core (>=0.10.5 <=0.1.0)

gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2024-35186 Source advisory: OSV:GHSA-7W47-3WG8-547C...