| |
Vulnerability CVE-2024-43785
Published: 2024-08-22
| Description: |
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does not neutralize newlines, backspaces, or control characters??including those that form ANSI escape sequences??that appear in a repository's paths, author and committer names, commit messages, or other metadata. Such text may be written as part of the output of a command, as well as appearing in error messages when an operation fails. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages. |
References: |
https://github.com/Byron/gitoxide/security/advisories/GHSA-88g2-r9rw-g55h
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
