18 matches found
GHSA-F26G-JM89-4G65 vulnerabilities
Vulnerabilities for packages: jujutsu, cargo-audit...
GHSA-FR8X-3VFX-F45H vulnerabilities
Vulnerabilities for packages: jujutsu, cargo-audit...
GHSA-PG4W-G64P-QWHJ vulnerabilities
Vulnerabilities for packages: jujutsu, cargo-audit...
GHSA-P3HW-MV63-RF9W vulnerabilities
Vulnerabilities for packages: jujutsu, cargo-audit...
GHSA-X494-MJ8G-CJ27 vulnerabilities
Vulnerabilities for packages: jujutsu, cargo-audit...
CVE-2026-0810 vulnerabilities
Vulnerabilities for packages: jujutsu, watchexec, starship, cargo-c...
GHSA-6MW6-MJ76-GRWC vulnerabilities
Vulnerabilities for packages: jujutsu, watchexec, starship, cargo-c...
EUVD-2024-3221
Malicious code in bioql PyPI...
EUVD-2025-10054
Malicious code in bioql PyPI...
CVE-2025-55159 vulnerabilities
Vulnerabilities for packages: zola, pixi, jujutsu, mdbook, uv, linkerd2, shadowsocks-rust, efs-utils, buck2, linkerd-extension-init, linkerd2-proxy...
GHSA-QX2V-8332-M4FV vulnerabilities
Vulnerabilities for packages: zola, pixi, jujutsu, mdbook, uv, linkerd2, shadowsocks-rust, efs-utils, buck2, linkerd-extension-init, linkerd2-proxy...
CVE-2024-51990
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
GHSA-794X-2RPG-RFGR Jujutsu does not have SHA-1 collision detection
Summary Jujutsu 0.28.0 and earlier rely on versions of gitoxide that use SHA-1 hash implementations without any collision detection, leaving them vulnerable to hash collision attacks. Details This is a result of the underlying CVE-2025-31130 / GHSA-2frx-2596-x5r6 vulnerability in the gitoxide...
Jujutsu does not have SHA-1 collision detection
Summary Jujutsu 0.28.0 and earlier rely on versions of gitoxide that use SHA-1 hash implementations without any collision detection, leaving them vulnerable to hash collision attacks. Details This is a result of the underlying CVE-2025-31130 / GHSA-2frx-2596-x5r6 vulnerability in the gitoxide...
OPENSUSE-SU-2024:14485-1 jujutsu-0.23.0-1.1 on GA media
These are all security issues fixed in the jujutsu-0.23.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2024-51990 Path traversal via crafted Git repositories in jj
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
CVE-2024-51990 Path traversal via crafted Git repositories in jj
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from...
Jujutsu 路径遍历漏洞
Jujutsu is a powerful version control system for software projects from the individual developer Martin von Zweigbergk. A path traversal vulnerability previously existed in Jujutsu version 0.23.0, which stems from the fact that a specially crafted Git repository could cause jj to write files...