Every CVE whose affected-product data names Cgit Project Cgit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2016-1901 — CVSS 9.8 (critical): Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value…
CVE-2018-14912 — CVSS 7.5 (high): cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as…
CVE-2016-1899 — CVSS 3.7 (low): CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and…
CVE-2016-1900 — CVSS 3.7 (low): CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with…