Vulnerabilities > Cgit Project

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-03	CVE-2018-14912	Path Traversal vulnerability in multiple products cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. network low complexity cgit-project debian CWE-22	5.0
2016-01-20	CVE-2016-1901	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow. network low complexity fedoraproject cgit-project CWE-119	7.5
2016-01-20	CVE-2016-1900	CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename. network fedoraproject cgit-project	4.3
2016-01-20	CVE-2016-1899	CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c. network fedoraproject cgit-project	4.3

Vulnerabilities > Cgit Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cgit Project"}]}