gix-path

crates.io3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting gix-pathpage 1 of 1

CVE-2024-40644MEDIUMCVSS 6.8EG 6.8✓ Fixed in 0.10.9
2024-07-18
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. `gix-path` can be tricked into running another `git.exe` placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user a…
CVE-2024-45305LOWCVSS 2.5EG 2.5✓ Fixed in 0.10.10
2024-09-02
gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local rep…
CVE-2024-45405MEDIUMCVSS 6.0EG 6.0✓ Fixed in 0.10.11
2024-09-06
`gix-path` is a crate of the `gitoxide` project (an implementation of `git` written in Rust) dealing paths and their conversions. Prior to version 0.10.11, `gix-path` runs `git` to find the path of a configuration file associated with the …

Check whether gix-path is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for gix-path CVEs against the assets you own.

Start Free Scan →