CVE-2024-51990
CVSS V2 None
CVSS V3 None
Description
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause `jj` to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from unknown sources.
Overview
- CVE ID
- CVE-2024-51990
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-07T00:15:17.443Z
- Last Modified Date
- 2024-11-07T00:15:17.443Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/martinvonz/jj/security/advisories/GHSA-88h5-6w7m-5w56 | x_refsource_CONFIRM |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-51990 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51990 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-07 13:07:44 | Added to TrackCVE |