Lars Hjemli : Security Vulnerabilities, CVEs, (Code Execution)
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.
Max CVSS
6.5
EPSS Score
4.17%
Published
2012-10-10
Updated
2013-01-30
1 vulnerabilities found