CVE-2024-35186HIGHCVSS 8.8fixed in rust-gix-fs 0.11.3-1 (forky)2024
CVE-2024-35186 [HIGH] CVE-2024-35186: rust-gix-fs - gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-st...
gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files
debian