Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed. This can allow valid users to obtain unintended access.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Gitolite 安全漏洞
Vulnerability Description
Gitolite是Sitaram Chamarty程序员所研发的一套基于Perl语言的Git服务管理工具。该工具使用公钥对用户进行认证,并支持通过配置文件对写操作进行基于分支和路径的授权。 Gitolite 3.6.9之前版本中存在安全漏洞,该漏洞源于在迁移Git库的过程中程序未妥当地限制对Git库的访问。攻击者可利用该漏洞获取访问权限。
CVSS Information
N/A
Vulnerability Type
N/A