-
-
Notifications
You must be signed in to change notification settings - Fork 346
Security: GitoxideLabs/gitoxide
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
SHA-1 collision attacks are not detectedGHSA-2frx-2596-x5r6 published
Apr 4, 2025 by EliahKaganModerate -
gix-worktree-state nonexclusive checkout sets executable files world-writableGHSA-fqmf-w4xh-33rh published
Jan 18, 2025 by ByronModerate -
gix-path improperly resolves configuration path reported by GitGHSA-m8rp-vv92-46c7 published
Sep 6, 2024 by ByronModerate -
gix-path uses local config across repos when it is the highest scopeGHSA-v26r-4c9c-h3j6 published
Aug 31, 2024 by ByronLow -
gitoxide-core does not neutralize special characters for terminalsGHSA-88g2-r9rw-g55h published
Aug 22, 2024 by ByronLow -
gix-path can use a fake program files locationGHSA-mgvv-9p9g-3jv4 published
Jul 18, 2024 by ByronModerate -
Refs and paths with reserved Windows device names access the devicesGHSA-49jc-r788-3fc9 published
May 22, 2024 by ByronModerate -
Traversal outside working tree enables arbitrary code executionGHSA-7w47-3wg8-547c published
May 22, 2024 by ByronHigh -
gix-transport indirect code execution via malicious usernameGHSA-98p4-xjmm-8mfh published
Apr 13, 2024 by ByronModerate