Vulnerabilites related to cgit_project - cgit
CVE-2018-14912 (GCVE-0-2018-14912)
Vulnerability from cvelistv5
Published
2018-08-03 19:00
Modified
2024-08-05 09:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:46:25.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20180806 [SECURITY] [DLA-1459-1] cgit security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html"
},
{
"name": "45195",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45195/"
},
{
"name": "DSA-4263",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4263"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20180806 [SECURITY] [DLA-1459-1] cgit security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html"
},
{
"name": "45195",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45195/"
},
{
"name": "DSA-4263",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4263"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180806 [SECURITY] [DLA-1459-1] cgit security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html"
},
{
"name": "45195",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45195/"
},
{
"name": "DSA-4263",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4263"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627"
},
{
"name": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html",
"refsource": "MISC",
"url": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14912",
"datePublished": "2018-08-03T19:00:00",
"dateReserved": "2018-08-03T00:00:00",
"dateUpdated": "2024-08-05T09:46:25.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1900 (GCVE-0-2016-1900)
Vulnerability from cvelistv5
Published
2016-01-20 16:00
Modified
2024-08-05 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:39.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"refsource": "MLIST",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"refsource": "MLIST",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"name": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463",
"refsource": "CONFIRM",
"url": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1900",
"datePublished": "2016-01-20T16:00:00",
"dateReserved": "2016-01-14T00:00:00",
"dateUpdated": "2024-08-05T23:10:39.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1899 (GCVE-0-2016-1899)
Vulnerability from cvelistv5
Published
2016-01-20 16:00
Modified
2024-08-05 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:40.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"refsource": "MLIST",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "[CGit] 20160113 XSS in cgit",
"refsource": "MLIST",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "openSUSE-SU-2016:0196",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"name": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96",
"refsource": "CONFIRM",
"url": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1899",
"datePublished": "2016-01-20T16:00:00",
"dateReserved": "2016-01-14T00:00:00",
"dateUpdated": "2024-08-05T23:10:40.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1901 (GCVE-0-2016-1901)
Vulnerability from cvelistv5
Published
2016-01-20 16:00
Modified
2024-08-05 23:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:40.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"
},
{
"name": "openSUSE-SU-2016:0196",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1901",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"name": "openSUSE-SU-2016:0218",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"name": "[CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released",
"refsource": "MLIST",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"name": "FEDORA-2016-e5a5fb196f",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"name": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763",
"refsource": "CONFIRM",
"url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"
},
{
"name": "openSUSE-SU-2016:0196",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"name": "[oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"name": "DSA-3545",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"name": "FEDORA-2016-215b507409",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1901",
"datePublished": "2016-01-20T16:00:00",
"dateReserved": "2016-01-14T00:00:00",
"dateUpdated": "2024-08-05T23:10:40.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2016-01-20 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 22 | |
| cgit_project | cgit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3ADACB-C9F2-4EFB-8B07-AADA98BE5FA8",
"versionEndIncluding": "0.11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n authenticate_post en CGit en versiones anteriores a 0.12 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un gran valor en la cabecera HTTP Content-Length, lo que desencadena un desbordamiento del buffer."
}
],
"id": "CVE-2016-1901",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-20T16:59:05.880",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-20 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 22 | |
| cgit_project | cgit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3ADACB-C9F2-4EFB-8B07-AADA98BE5FA8",
"versionEndIncluding": "0.11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype parameter, as demonstrated by a request to blob/cgit.c."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en el manejador ui-blob en CGit en versiones anteriores a 0.12 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y realizar ataques de separaci\u00f3n de respuesta HTTP o ataques XSS a trav\u00e9s de secuencias CRLF en el par\u00e1metro mimetype, seg\u00fan lo demostrado por una petici\u00f3n ablob/cgit.c."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/93.html\"\u003eCWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\u003c/a\u003e",
"id": "CVE-2016-1899",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-20T16:59:03.880",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-20 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora | 22 | |
| cgit_project | cgit | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3ADACB-C9F2-4EFB-8B07-AADA98BE5FA8",
"versionEndIncluding": "0.11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en la funci\u00f3n cgit_print_http_headers en ui-shared.c en CGit en versiones anteriores a 0.12 permite a atacantes remotos con permisos para escribir en un repositorio inyectar cabeceras HTTP arbitrarias y realizar ataques de separaci\u00f3n de respuesta HTTP o ataques XSS a trav\u00e9s de caracteres de nueva l\u00ednea en un nombre de archivo."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/93.html\"\u003eCWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\u003c/a\u003e",
"id": "CVE-2016-1900",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-20T16:59:04.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176167.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00084.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002790.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.zx2c4.com/pipermail/cgit/2016-January/002817.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-03 19:29
Modified
2024-11-21 03:50
Severity ?
Summary
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cgit_project | cgit | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cgit_project:cgit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C9DDFD-4294-46E7-9EDB-45865B1E0BED",
"versionEndExcluding": "1.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request."
},
{
"lang": "es",
"value": "cgit_clone_objects en CGit en versiones anteriores a la 1.2.1 tiene una vulnerabilidad de salto de directorio cuando \"enable-http-clone=1\" no est\u00e1 apagado, tal y como queda demostrado con una petici\u00f3n cgit/cgit.cgi/git/objects/?path=../."
}
],
"id": "CVE-2018-14912",
"lastModified": "2024-11-21T03:50:04.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-03T19:29:00.793",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4263"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45195/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45195/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}