CVE-2012-4506
Published: 22 October 2012
Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.
Notes
Author | Note |
---|---|
jdstrand | per Debian Only affects 3.x releases |