Medium severity4.1NVD Advisory· Published Jul 28, 2025· Updated Jun 17, 2026
CVE-2023-53158
CVE-2023-53158
Description
The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
gix-transportcrates.io | < 0.36.1 | 0.36.1 |
Affected products
1Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.