2 matches found
Improper Neutralization
Soft Serve is vulnerable to improper neutralization. The vulnerability is due to insufficient sanitization of user-supplied inputs and git messages, which allows an attacker to inject malicious ANSI escape sequences and display misleading or fake terminal outputs such as alerts...
gitoxide-core does not neutralize special characters for terminals
Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...