gitoxide — Vulnerabilities & Security Advisories 10

All 10 CVE vulnerabilities found in gitoxide, with AI-generated Chinese analysis, references, and POCs.

Vendor: Byron

CVE ID	Title	CVSS	Severity	Published
CVE-2026-0810	Gix-date: gix-date: undefined behavior due to invalid string generation CWE-135	7.1	High	2026-01-26
CVE-2025-31130	gitoxide does not detect SHA-1 collision attacks CWE-328	6.8	Medium	2025-04-04
CVE-2025-22620	gix-worktree-state nonexclusive checkout sets executable files world-writable CWE-281	5.0	Medium	2025-01-20
CVE-2024-45405	gix-path improperly resolves configuration path reported by Git CWE-41	6.0	Medium	2024-09-06
CVE-2024-45305	gix-path uses local config across repos when it is the highest scope CWE-706	2.5	Low	2024-09-02
CVE-2024-43785	gitoxide-core does not neutralize special characters for terminals CWE-150	2.5	Low	2024-08-22
CVE-2024-40644	gitoxide's gix-path can use a fake program files location CWE-345	6.8	Medium	2024-07-18
CVE-2024-35197	gix refs and paths with reserved Windows device names access the devices CWE-67	5.4	Medium	2024-05-23
CVE-2024-35186	gix traversal outside working tree enables arbitrary code execution CWE-23	8.8	High	2024-05-23
CVE-2024-32884	gix-transport indirect code execution via malicious username CWE-77	6.4	Medium	2024-04-26

All 10 known CVE vulnerabilities affecting gitoxide with full Chinese analysis, references, and POCs where available.