ID CVE-2016-1900
Summary CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via newline characters in a filename. <a href="https://cwe.mitre.org/data/definitions/93.html">CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')</a>
References
Vulnerable Configurations
  • cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
  • cpe:2.3:a:cgit_project:cgit:0.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:cgit_project:cgit:0.11.2:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 07-12-2016 - 18:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
confirm http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463
debian DSA-3545
fedora
  • FEDORA-2016-215b507409
  • FEDORA-2016-e5a5fb196f
mlist
  • [CGit] 20160113 XSS in cgit
  • [CGit] 20160114 [ANNOUNCE] CGIT v0.12 Released
  • [oss-security] 20160114 CVE Request: CGit - Multiple vulnerabilities
  • [oss-security] 20160114 Re: CVE Request: CGit - Multiple vulnerabilities
suse
  • openSUSE-SU-2016:0196
  • openSUSE-SU-2016:0218
Last major update 07-12-2016 - 18:33
Published 20-01-2016 - 16:59
Last modified 07-12-2016 - 18:33
Back to Top