Closed github-actions[bot] closed 5 months ago
https://rustsec.org/advisories/RUSTSEC-2024-0335
Crate: gix-transport Version: 0.41.2 Title: gix-transport indirect code execution via malicious username Date: 2024-04-13 ID: RUSTSEC-2024-0335 URL: https://rustsec.org/advisories/RUSTSEC-2024-0335 Solution: Upgrade to >=0.42.0 Dependency tree: gix-transport 0.41.2 └── gix-protocol 0.44.2 └── gix 0.61.0 └── test_util 0.1.1 ├── vergen-lib 0.1.2 │ ├── vergen-gix 1.0.0 │ │ └── vergen-pretty 0.3.3 │ ├── vergen-gitcl 1.0.0 │ ├── vergen-git2 1.0.0 │ └── vergen 9.0.0 │ ├── vergen-gix 1.0.0 │ ├── vergen-gitcl 1.0.0 │ └── vergen-git2 1.0.0 ├── vergen-gix 1.0.0 ├── vergen-gitcl 1.0.0 ├── vergen-git2 1.0.0 └── vergen 9.0.0
‼️ RUSTSEC-2024-0335 ‼️
https://rustsec.org/advisories/RUSTSEC-2024-0335