CVE-2026-0810

Exploit

EPSS 0.01%
Veröffentlicht 26.01.2026 19:36:45
Zuletzt bearbeitet 26.02.2026 16:23:35
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the `TimeBuf` component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gitoxidelabs ≫ Gix-date SwPlatformrust Version < 0.12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.003

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE-135 Incorrect Calculation of Multi-Byte String Length

The product does not correctly calculate the length of strings that can contain wide or multi-byte characters.

CWE-682 Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

https://access.redhat.com/security/cve/CVE-2026-0810

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2427057

Issue Tracking

https://crates.io/crates/gix-date

Product

https://github.com/GitoxideLabs/gitoxide/issues/2305

Exploit

Issue Tracking

https://rustsec.org/advisories/RUSTSEC-2025-0140.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-0810