Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Adobe Subscribe
Filtered by product Git-server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9708 1 Adobe 1 Git-server 2020-08-21 5.0 MEDIUM 7.5 HIGH
The resolveRepositoryPath function doesn't properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access of private Git repositories as long as the malicious user knows or brute-forces the location of the repository.