Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
gix-path can use a fake program files location High
CVE-2024-40644 was published for gix-path (Rust) Jul 18, 2024
EliahKagan
gitoxide-core does not neutralize special characters for terminals Low
CVE-2024-43785 was published for gitoxide (Rust) Aug 22, 2024
EliahKagan
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
gix-path improperly resolves configuration path reported by Git Moderate
CVE-2024-45405 was published for gix-path (Rust) Sep 6, 2024
EliahKagan
gix-path uses local config across repos when it is the highest scope Low
CVE-2024-45305 was published for gix-path (Rust) Sep 3, 2024
EliahKagan martinvonz
gix traversal outside working tree enables arbitrary code execution High
CVE-2024-35186 was published for gitoxide (Rust) May 22, 2024
EliahKagan Byron
gix refs and paths with reserved Windows device names access the devices Moderate
CVE-2024-35197 was published for gitoxide (Rust) May 22, 2024
EliahKagan Byron
gix-transport code execution vulnerability Moderate
GHSA-rrjw-j4m2-mf34 was published for gix-transport (Rust) Sep 25, 2023
EliahKagan
gix-transport indirect code execution via malicious username Moderate
CVE-2024-32884 was published for gitoxide (Rust) Apr 15, 2024
EliahKagan
ProTip! Advisories are also available from the GraphQL API