Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Filtered by product Git-server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9708 1 Adobe 1 Git-server 2024-11-21 5.0 MEDIUM 5.9 MEDIUM
The resolveRepositoryPath function doesn't properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access of private Git repositories as long as the malicious user knows or brute-forces the location of the repository.