HIGH🇵🇱 Wersja polska

CVE-2026-0810

CVSS 7.1v3.1pub. 2026-01-26upd. 2026-02-26

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  • Gitoxidelabs Gix Date

    APP
    Gitoxidelabs
    < 0.12.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-44471HIGH7.8ten sam vendor

gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed tha...