Jjutsu VCS vulnerability can causefiles outside the clone
CVE-2024-51990
Currently unrated
Summary
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from unknown sources.
References
Timeline
Vulnerability published