Vulnerabilities > GIT > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-17 | CVE-2010-3906 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters. | 4.3 |
2009-06-18 | CVE-2009-2108 | Resource Management Errors vulnerability in GIT git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. | 5.0 |
2009-01-21 | CVE-2008-5916 | Permissions, Privileges, and Access Controls vulnerability in GIT gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query. | 4.6 |