Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
gix-transport indirect code execution via malicious username Moderate
CVE-2024-32884 was published for gitoxide (Rust) Apr 15, 2024
EliahKagan
gix-transport code execution vulnerability Moderate
GHSA-rrjw-j4m2-mf34 was published for gix-transport (Rust) Sep 25, 2023
EliahKagan
gix refs and paths with reserved Windows device names access the devices Moderate
CVE-2024-35197 was published for gitoxide (Rust) May 22, 2024
EliahKagan Byron
gix traversal outside working tree enables arbitrary code execution High
CVE-2024-35186 was published for gitoxide (Rust) May 22, 2024
EliahKagan Byron
gix-path can use a fake program files location Moderate
CVE-2024-40644 was published for gix-path (Rust) Jul 18, 2024
EliahKagan
gix-path uses local config across repos when it is the highest scope Low
CVE-2024-45305 was published for gix-path (Rust) Sep 3, 2024
EliahKagan martinvonz
gix-path improperly resolves configuration path reported by Git Moderate
CVE-2024-45405 was published for gix-path (Rust) Sep 6, 2024
EliahKagan
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
gitoxide-core does not neutralize special characters for terminals Low
CVE-2024-43785 was published for gitoxide (Rust) Aug 22, 2024
EliahKagan
ProTip! Advisories are also available from the GraphQL API