RUSTSEC-2023-0064: gix-transport code execution vulnerability


> gix-transport code execution vulnerability

| Details             |                                                |
| ------------------- | ---------------------------------------------- |
| Package             | `gix-transport`                      |
| Version             | `0.33.1`                   |
| URL                 | [https://github.com/Byron/gitoxide/pull/1032](https://github.com/Byron/gitoxide/pull/1032) |
| Date                | 2023-09-23                         |
| Patched versions    | `>=0.36.1`                  |

The `gix-transport` crate prior to the patched version 0.36.1 would allow attackers to
use malicious ssh clone URLs to pass arbitrary arguments to the `ssh` program, leading
to arbitrary code execution.

PoC: `gix clone &#39;ssh://-oProxyCommand=open$IFS-aCalculator/foo&#39;`

This will launch a calculator on OSX.

See https://secure.phabricator.com/T12961 for more details on similar vulnerabilities in `git`.

Thanks for [vin01](https://github.com/vin01) for disclosing the issue.

See [advisory page](https://rustsec.org/advisories/RUSTSEC-2023-0064.html) for additional details.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

RUSTSEC-2023-0064: gix-transport code execution vulnerability #2234

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Details
Package	`gix-transport`
Version	`0.33.1`
URL	GitoxideLabs/gitoxide#1032
Date	2023-09-23
Patched versions	`>=0.36.1`

RUSTSEC-2023-0064: gix-transport code execution vulnerability #2234

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions