Kallithea-scm - Kallithea CVE

Filtered by vendor Kallithea-scm Subscribe

Filtered by product Kallithea

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-0260	2 Kallithea-scm, Rhodecode	2 Kallithea, Rhodecode Enterprise	2020-05-28	4.0 MEDIUM	N/A
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the get_repo API method.
CVE-2015-5285	1 Kallithea-scm	1 Kallithea	2020-05-28	5.0 MEDIUM	N/A
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.

Vulnerabilities (CVE)