{"id":"GHSA-rrjw-j4m2-mf34","summary":"gix-transport code execution vulnerability","details":"The `gix-transport` crate prior to the patched version 0.36.1 would allow attackers to use malicious ssh clone URLs to pass arbitrary arguments to the `ssh` program, leading to arbitrary code execution.\n\nPoC: `gix clone 'ssh://-oProxyCommand=open$IFS-aCalculator/foo'`\n\nThis will launch a calculator on OSX.\n\nSee https://secure.phabricator.com/T12961 for more details on similar vulnerabilities in `git`.\n\nThanks for [vin01](https://github.com/vin01) for disclosing this issue.","aliases":["CVE-2023-53158","RUSTSEC-2023-0064"],"modified":"2025-07-28T16:41:59.949086Z","published":"2023-09-25T20:21:16Z","database_specific":{"severity":"MODERATE","nvd_published_at":null,"github_reviewed":true,"github_reviewed_at":"2023-09-25T20:21:16Z","cwe_ids":["CWE-78","CWE-88"]},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53158"},{"type":"WEB","url":"https://github.com/GitoxideLabs/gitoxide/pull/1032"},{"type":"PACKAGE","url":"https://github.com/GitoxideLabs/gitoxide"},{"type":"WEB","url":"https://rustsec.org/advisories/RUSTSEC-2023-0064.html"},{"type":"WEB","url":"https://secure.phabricator.com/T12961"}],"affected":[{"package":{"name":"gix-transport","ecosystem":"crates.io","purl":"pkg:cargo/gix-transport"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.36.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-rrjw-j4m2-mf34/GHSA-rrjw-j4m2-mf34.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}