Security: GitoxideLabs/gitoxide
Security
SECURITY.md
Please feel free to draft a GitHub advisory, and I will work with you to disclose and or resolve the issue responsibly.
If this doesn't seem like the right approach or there are questions, please feel free to reach out to the email used in Sebastian Thiel's commits.
Thank you.
-
SHA-1 collision attacks are not detectedGHSA-2frx-2596-x5r6 published
Apr 4, 2025 by EliahKaganModerate -
gix-worktree-state nonexclusive checkout sets executable files world-writableGHSA-fqmf-w4xh-33rh published
Jan 18, 2025 by ByronModerate -
gix-path improperly resolves configuration path reported by GitGHSA-m8rp-vv92-46c7 published
Sep 6, 2024 by ByronModerate -
gix-path uses local config across repos when it is the highest scopeGHSA-v26r-4c9c-h3j6 published
Aug 31, 2024 by ByronLow -
gitoxide-core does not neutralize special characters for terminalsGHSA-88g2-r9rw-g55h published
Aug 22, 2024 by ByronLow -
gix-path can use a fake program files locationGHSA-mgvv-9p9g-3jv4 published
Jul 18, 2024 by ByronModerate -
Refs and paths with reserved Windows device names access the devicesGHSA-49jc-r788-3fc9 published
May 22, 2024 by ByronModerate -
Traversal outside working tree enables arbitrary code executionGHSA-7w47-3wg8-547c published
May 22, 2024 by ByronHigh -
gix-transport indirect code execution via malicious usernameGHSA-98p4-xjmm-8mfh published
Apr 13, 2024 by ByronModerate
Learn more about advisories related to GitoxideLabs/gitoxide in the GitHub Advisory Database