VYPR

rpm package

opensuse/stgit&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/stgit&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2026-40034HigMay 26, 2026
    affected < 2.6.0-1.1fixed 2.6.0-1.1

    gix-submodule before 0.29.0 (gitoxide before 0.5.21, gix before 0.84.0) incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .g

  • CVE-2024-45405MedSep 6, 2024
    affected < 2.4.12-1.1fixed 2.4.12-1.1

    `gix-path` is a crate of the `gitoxide` project (an implementation of `git` written in Rust) dealing paths and their conversions. Prior to version 0.10.11, `gix-path` runs `git` to find the path of a configuration file associated with the `git` installation, but improperly resolv