Gitolite CVE - OpenCVE

Filtered by vendor Gitolite Subscribe

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2010-2447	1 Gitolite	1 Gitolite	2019-11-12	7.5 HIGH	9.8 CRITICAL
gitolite before 1.4.1 does not filter src/ or hooks/ from path names.
CVE-2013-4451	1 Gitolite	1 Gitolite	2018-11-19	7.5 HIGH	9.8 CRITICAL
gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.

Vulnerabilities (CVE)