Skip to main content

Gitolite

2 CVEs product

Monthly

CVE-2018-16976 HIGH PATCH This Week

Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Information Disclosure Gitolite
NVD GitHub
CVSS 3.0
8.1
EPSS
1.2%
CVE-2012-4506 MEDIUM This Month

Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Gitolite
NVD GitHub
CVSS 2.0
4.6
EPSS
0.8%
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Race Condition Information Disclosure Gitolite
NVD GitHub
EPSS 1% CVSS 4.6
MEDIUM This Month

Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Gitolite
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy