Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2012-4506

Published: 22/10/2012 Updated: 07/11/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P

Vulnerability Summary

Directory traversal vulnerability in gitolite 3.x prior to 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a repository name.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sitaram chamarty gitolite 3.01

gitolite gitolite 3.0

gitolite gitolite 3.02

gitolite gitolite 3.03

gitolite gitolite 3.04

References

CWE-22https://github.com/sitaramc/gitolite/commit/f636ce3ba3e340569b26d1e47b9d9b62dd8a3bf2http://www.openwall.com/lists/oss-security/2012/10/10/1http://www.openwall.com/lists/oss-security/2012/10/10/2http://secunia.com/advisories/50896http://www.securityfocus.com/bid/55853https://exchange.xforce.ibmcloud.com/vulnerabilities/79130https://groups.google.com/forum/#%21topic/gitolite/K9SnQNhCQ-0/discussionhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook