CVE-2024-51990

CVSS V2 None CVSS V3 None
Description
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause `jj` to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from unknown sources.
Overview
  • CVE ID
  • CVE-2024-51990
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-11-07T00:15:17.443Z
  • Last Modified Date
  • 2024-11-07T00:15:17.443Z
References
Reference URL Reference Tags
https://github.com/martinvonz/jj/security/advisories/GHSA-88h5-6w7m-5w56 x_refsource_CONFIRM
History
Created Old Value New Value Data Type Notes
2024-11-07 13:07:44 Added to TrackCVE