Debian Rust-Gix-Path vulnerabilities

CVE-2024-45405 [MEDIUM] CVE-2024-45405: rust-gix-path - `gix-path` is a crate of the `gitoxide` project (an implementation of `git` writ... `gix-path` is a crate of the `gitoxide` project (an implementation of `git` written in Rust) dealing paths and their conversions. Prior to version 0.10.11, `gix-path` runs `git` to find the path of a configuration file associated with the `git` installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a lo

CVE-2024-40644 [MEDIUM] CVE-2024-40644: rust-gix-path - gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. `gix-p... gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. `gix-path` can be tricked into running another `git.exe` placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new directories in the root of the system drive. While `gix-path` fir

CVE-2024-45305 [LOW] CVE-2024-45305: rust-gix-path - gix-path is a crate of the gitoxide project dealing with git paths and their con... gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's configuration as system-wide if no higher scoped configuration is found. In rare cases, this causes a less trusted