ГлавнаяУязвимости → CVE-2026-0810
7.1высокая

CVE-2026-0810

Описание

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

Затрагиваемое ПО
Gitoxidelabs Gix-date
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Источники
https://access.redhat.com/security/cve/CVE-2026-0810https://bugzilla.redhat.com/show_bug.cgi?id=2427057https://crates.io/crates/gix-datehttps://github.com/GitoxideLabs/gitoxide/issues/2305https://rustsec.org/advisories/RUSTSEC-2025-0140.htmlhttps://github.com/GitoxideLabs/gitoxide/issues/2305