GHSA-mmmm-chjf-jmvw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-mmmm-chjf-jmvw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mmmm-chjf-jmvw/GHSA-mmmm-chjf-jmvw.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-mmmm-chjf-jmvw
- Aliases
- Published
- 2022-05-24T17:34:24Z
- Modified
- 2023-11-08T04:02:18.736320Z
- Severity
-
- 3.2 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N CVSS Calculator
- Summary
- Gitaly Insufficient Session Expiration vulnerability
- Details
-
When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are: >=1.79.0, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
- Database specific
{ "nvd_published_at": "2020-11-17T01:15:00Z", "severity": "LOW", "cwe_ids": [ "CWE-613" ], "github_reviewed": true, "github_reviewed_at": "2023-01-24T18:35:04Z" }- References