{"package":"gix-worktree-state","ecosystem":"cargo","latest_version":"0.28.0","description":"A crate of the gitoxide project implementing setting the worktree to a particular state","license":"MIT OR Apache-2.0","homepage":null,"repository":"https://github.com/GitoxideLabs/gitoxide","downloads_weekly":4766235,"health":{"score":75,"risk":"moderate","breakdown":{"maintenance":25,"popularity":17,"security":21,"maturity":12,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":0,"medium":2,"low":0,"details":[{"vuln_id":"CVE-2024-35197","severity":"medium","summary":"gix refs and paths with reserved Windows device names access the devices","affected_versions":">=0","fixed_version":"0.33.0","source":"osv","published_at":"2024-05-22T14:13:24Z","in_kev":false,"epss_prob":0.00044,"epss_percentile":0.13232,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-35186","severity":"medium","summary":"gix traversal outside working tree enables arbitrary code execution","affected_versions":">=0","fixed_version":"0.33.0","source":"osv","published_at":"2024-05-22T14:05:58Z","in_kev":false,"epss_prob":0.00434,"epss_percentile":0.62849,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.28.0","total_count":31,"recent":["0.28.0","0.27.0","0.26.0","0.25.0","0.24.0","0.23.0","0.22.0","0.21.0","0.20.0","0.19.0","0.18.1","0.18.0","0.17.0","0.16.0","0.15.0","0.14.0","0.13.0","0.12.0","0.11.1","0.11.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":"2023-08-22T10:04:04.939795Z","last_published":"2026-03-22T11:56:11.293742Z","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"0.28.0","version_hint":"Update to >= 0.33.0 to fix known vulnerabilities","summary":"gix-worktree-state@0.28.0 is safe to use (health: 75/100)"},"requested_version":null,"_cache":"miss","_response_ms":206,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}