CVE-2026-0810

Опубликовано: 26 янв. 2026

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

A flaw was found in gix-date. The gix_date::parse::TimeBuf::as_str function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

Ссылки

https://access.redhat.com/security/cve/CVE-2026-0810
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2427057
Issue Tracking
https://crates.io/crates/gix-date
Product
https://github.com/GitoxideLabs/gitoxide/issues/2305
Exploit
Issue Tracking
https://rustsec.org/advisories/RUSTSEC-2025-0140.html
Third Party Advisory
https://github.com/GitoxideLabs/gitoxide/issues/2305
Exploit
Issue Tracking

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gitoxidelabs:gix-date:*:*:*:*:*:rust:*:*

Версия до 0.12.0 (исключая)

EPSS

Процентиль: 0%

0.00005

Низкий

7.1 High

CVSS3

Дефекты

CWE-135

CWE-682

Связанные уязвимости

CVE-2026-0810

CVSS3: 7.1

ubuntu

2 месяца назад

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

CVE-2026-0810

CVSS3: 7.1

redhat

3 месяца назад

CVE-2026-0810

CVSS3: 7.1

debian

2 месяца назад

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` f ...

GHSA-6mw6-mj76-grwc

github

3 месяца назад

gix-date can create non-utf8 string with `TimeBuf::as_str`

EPSS

Процентиль: 0%

0.00005

Низкий

7.1 High

CVSS3

Дефекты

CWE-135

CWE-682