6 matches found
Kallithea Elevation of Privilege Vulnerability
Kallithea, a project under the US-based Software Freedom Conservancy organization, is a free source code management system. The system supports Mercurial and Git version control systems, hosting code, managing access control, and more. Kallithea suffers from an elevation of privilege vulnerabilit...
Kallithea CRLF Injection Vulnerability
Kallithea is a free source code management system. The Kallithea admin/login URI fails to adequately filter the 'namefrom' parameter, allowing remote attackers to exploit this vulnerability to inject arbitrary HTTP headers and perform HTTP response splitting attacks...
Kallithea /_admin/my_account Admin account password manipulation vulnerability
Kallithea is a free source code management system. Kallithea suffers from a security vulnerability that allows remote attackers to construct malicious URIs, trick users into parsing them, and perform malicious actions, such as changing a user's password, in the context of the target user...
PYSEC-2015-29
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the getrepo API method...
PYSEC-2015-32
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the getrepo API method...
Kallithea Information Disclosure Vulnerability
Kallithea is a free source code management system. Kallithea suffers from an information disclosure vulnerability that allows remote attackers to obtain sensitive information...