Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed. This can allow valid users to obtain unintended access.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-12T22:00:00Z
Updated: 2024-09-16T19:09:28.927Z
Reserved: 2018-09-12T00:00:00Z
Link: CVE-2018-16976
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-09-12T22:29:00.517
Modified: 2024-11-21T03:53:37.817
Link: CVE-2018-16976
Redhat
No data.