Search CVE reports



1 – 4 of 4 results


CVE-2018-20683

Medium priority
Needs evaluation

commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P.

2 affected packages

gitolite, gitolite3

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitolite | Not in release | Not in release | Not in release | Not in release | Not in release |
| gitolite3 | Not affected | Not affected | Not affected | Needs evaluation | Needs evaluation |

CVE-2013-7203

Medium priority

Not in release

gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.

1 affected package

gitolite3

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitolite3 | | | | | |

CVE-2013-4451

Medium priority
Not affected

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on...

2 affected packages

gitolite, gitolite3

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitolite | | | | | |
| gitolite3 | | | | | |

CVE-2018-16976

Medium priority
Needs evaluation

Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed....

2 affected packages

gitolite, gitolite3

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gitolite | Not in release | Not in release | Not in release | Not in release | Not in release |
| gitolite3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |