cvedb.io
CVE-2018-20683
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2019-01-10T01:29:00.237 · Last modified 2026-06-17T01:53:19.060

Summary

commands/rsync in Gitolite before 3.6.11, if .gitolite.rc enables rsync, mishandles the rsync command line, which allows attackers to have a "bad" impact by triggering use of an option other than -v, -n, -q, or -P.

Affected products

gitolite — gitolite

Does this affect you?

Add your gear to cvedb and we'll alert you only when gitolite ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.