CVE-2024-56074 Information
Dec 16, 2024
cve
Description
gitingest before 9996a06 mishandles symbolic links that point outside of the base directory.
Reference
https://github.com/cyclotruc/gitingest/blob/9996a06a94450497c1abb35997f5e6cbc9b571ff/src/ingest.py#L22-L30 https://github.com/cyclotruc/gitingest/blob/9996a06a94450497c1abb35997f5e6cbc9b571ff/src/ingest.py#L99-L100 https://github.com/cyclotruc/gitingest/commit/9996a06a94450497c1abb35997f5e6cbc9b571ff https://github.com/cyclotruc/gitingest/pull/23 https://gitingest.com/
Share on: