Jjutsu VCS vulnerability can causefiles outside the clone
CVE-2024-51990
Currently unrated
What is CVE-2024-51990?
jj, or Jujutsu, is a Git-compatible VCS written in rust. In affected versions specially crafted Git repositories can cause jj to write files outside the clone. This issue has been addressed in version 0.23.0. Users are advised to upgrade. Users unable to upgrade should avoid cloning repos from unknown sources.