Описание
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.3-1 |
| hardy | DNE | |
| lucid | DNE | |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| upstream | needs-triage |
Показывать по
4.6 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.
Directory traversal vulnerability in gitolite 3.x before 3.1, when wil ...
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.
4.6 Medium
CVSS2