Advisories for Cargo/Eza package

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-3qx3-6hxr-j2ch. This link is maintained to preserve external references. Original Description Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components.

In eza, there exists a potential heap overflow vulnerability, first seen when using Ubuntu for Raspberry Pi series system, on ubuntu-raspi kernel, relating to the .git directory.