RSS   Podatności dla 'Gitolite'   RSS

2012-10-22
 
CVE-2012-4506

CWE-22
 

 
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.

 
2011-10-04
 
CVE-2011-1572

CWE-22
 

 
Directory traversal vulnerability in the Admin Defined Commands (ADC) feature in gitolite before 1.5.9.1 allows remote attackers to execute arbitrary commands via .. (dot dot) sequences in admin-defined commands.

 


Copyright 2024, cxsecurity.com

 

Back to Top