Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4465HistoryOct 10, 2012 - 6:55 p.m.
CVE-2012-4465
2012-10-1018:55:05
Debian Security Bug Tracker
security-tracker.debian.org
12
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.048
Percentile
92.7%
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the “Author” field in a commit.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cgit | < 1.2.3+git20221219.50.91f2590+git2.39.1-1 | cgit_1.2.3+git20221219.50.91f2590+git2.39.1-1_all.deb |
| Debian | 11 | all | cgit | < 1.2.3+git2.25.1-1 | cgit_1.2.3+git2.25.1-1_all.deb |
| Debian | 999 | all | cgit | < 1.2.3+git20221219.50.91f2590+git2.39.1-1 | cgit_1.2.3+git20221219.50.91f2590+git2.39.1-1_all.deb |
| Debian | 13 | all | cgit | < 1.2.3+git20221219.50.91f2590+git2.39.1-1 | cgit_1.2.3+git20221219.50.91f2590+git2.39.1-1_all.deb |
Related
nessus
nessus
openSUSE Security Update : cgit (openSUSE-SU-2012:1421-1)
2014-06-13 00:00:00
openSUSE Security Update : cgit (openSUSE-SU-2012:1422-1)
2014-06-13 00:00:00
openvas
openvas
openSUSE: Security Advisory for update (openSUSE-SU-2012:1421-1)
2012-12-13 00:00:00
SuSE Update for update openSUSE-SU-2012:1422-1 (update)
2013-03-11 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2012:1422-1)
2013-03-11 00:00:00
cvelist
cvelist
CVE-2012-4465
2012-10-10 18:00:00
prion
prion
Heap overflow
2012-10-10 18:55:00
cve
cve
CVE-2012-4465
2012-10-10 18:55:05
suse
suse
update for cgit (important)
2012-10-31 16:11:53
update for cgit (important)
2012-10-31 16:12:06
nvd
nvd
CVE-2012-4465
2012-10-10 18:55:05
fedora
fedora
[SECURITY] Fedora 16 Update: cgit-0.9.1-2.fc16
2012-11-28 11:46:45
[SECURITY] Fedora 17 Update: cgit-0.9.1-2.fc17
2012-11-28 11:28:50
[SECURITY] Fedora 17 Update: cgit-0.9.2-1.fc17
2013-06-06 01:37:26
osv
osv
cgit-1.0-1.3 on GA media
2024-06-15 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
EPSS
0.048
Percentile
92.7%
Related for DEBIANCVE:CVE-2012-4465