CVE-2013-7203

medium

Description

gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.

References

Advisories

https://marc.info/?l=oss-security&m=138783069700756&w=2

https://lists.fedoraproject.org/pipermail/package-announce/2014-January/125611.html

http://packetstormsecurity.com/files/149438/ManageEngine-SupportCenter-Plus-8.1.0-Cross-Site-Scripting.html

Details

Source: Mitre, NVD

Published: 2018-09-21

Updated: 2018-11-19

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00083

Detections

Analytics