Unrated severityOSV Advisory· Published Jan 10, 2019· Updated Aug 5, 2024
CVE-2018-20683
CVE-2018-20683
Description
commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords3 versionspkg:rpm/opensuse/gitolite&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/gitolite&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gitolite&distro=SUSE%20Package%20Hub%2015
< 3.6.11-bp150.3.6.1+ 2 more
- (no CPE)range: < 3.6.11-bp150.3.6.1
- (no CPE)range: < 3.6.12-1.6
- (no CPE)range: < 3.6.11-bp150.3.6.1
Patches
Vulnerability mechanics
References
4- bugs.debian.org/918849mitrex_refsource_MISC
- github.com/sitaramc/gitolite/blob/master/CHANGELOGmitrex_refsource_MISC
- github.com/sitaramc/gitolite/commit/5df2b817255ee919991da6c310239e08c8fcc1aemitrex_refsource_MISC
- groups.google.com/forum/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.