Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Gitolite Subscribe
Filtered by product Gitolite

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2447 1 Gitolite 1 Gitolite 2019-11-12 7.5 HIGH 9.8 CRITICAL
gitolite before 1.4.1 does not filter src/ or hooks/ from path names.
CVE-2013-4451 1 Gitolite 1 Gitolite 2018-11-19 7.5 HIGH 9.8 CRITICAL
gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.