Lucene search
RedhatCVELIST:CVE-2013-2117HistoryAug 09, 2013 - 6:00 p.m.
CVE-2013-2117
2013-08-0918:00:00
redhat
www.cve.org
8
Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary files via a … (dot dot) in the url parameter.
References
git.zx2c4.com/cgit/commit/?h=wip&id=babf94e04e74123eb658a823213c062663cdadd6
lists.opensuse.org/opensuse-updates/2013-07/msg00061.html
lists.opensuse.org/opensuse-updates/2013-08/msg00012.html
lists.zx2c4.com/pipermail/cgit/2013-May/001394.html
secunia.com/advisories/54186
www.openwall.com/lists/oss-security/2013/05/27/3
Related
nessus
nessus
Fedora 17 : cgit-0.9.2-1.fc17 (2013-9522)
2013-07-12 00:00:00
Fedora 19 : cgit-0.9.2-1.fc19 (2013-9467)
2013-06-05 00:00:00
Fedora 18 : cgit-0.9.2-1.fc18 (2013-9498)
2013-07-12 00:00:00
cve
cve
CVE-2013-2117
2013-08-09 20:56:07
debiancve
debiancve
CVE-2013-2117
2013-08-09 20:56:07
openvas
openvas
Fedora Update for cgit FEDORA-2013-9498
2013-06-07 00:00:00
cgit 'url' Parameter Directory Traversal Vulnerability
2013-05-28 00:00:00
Fedora Update for cgit FEDORA-2013-9498
2013-06-07 00:00:00
prion
prion
Directory traversal
2013-08-09 20:56:00
fedora
fedora
[SECURITY] Fedora 19 Update: cgit-0.9.2-1.fc19
2013-06-05 03:16:28
[SECURITY] Fedora 18 Update: cgit-0.9.2-1.fc18
2013-06-06 01:30:16
[SECURITY] Fedora 17 Update: cgit-0.9.2-1.fc17
2013-06-06 01:37:26
nvd
nvd
CVE-2013-2117
2013-08-09 20:56:07
osv
osv
cgit-1.0-1.3 on GA media
2024-06-15 00:00:00