1. Home
  2. Vulnerabilities
  3. CVE-2022-31268

CVE-2022-31268

CVSS v3.1 7.5 (High)
75% Progress
CVSS v2.0 5 (Medium)
50% Progress
EPSS 0.63 % (79th)
0.63% Progress
Affected Products 1
Advisories 1
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).

Weaknesses
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2022-05-21 21:15:52
(2 years ago)
Updated Date
2022-06-02 18:24:43
(2 years ago)

Affected Products

Gitblit

Configuration #1

    CPE23 From Up To
  Gitblit 1.9.3 cpe:2.3:a:gitblit:gitblit:1.9.3