gix-fs

crates.io2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting gix-fspage 1 of 1

CVE-2024-35186HIGHCVSS 8.8EG 8.8✓ Fixed in 0.11.0
2024-05-23
gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by t…
CVE-2026-44471HIGHCVSS 7.8EG 7.8✓ Fixed in 0.21.1
2026-05-13
gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has wr…

Check whether gix-fs is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for gix-fs CVEs against the assets you own.

Start Free Scan →