Sitaram Chamarty

**Name of the Vulnerable Software and Affected Versions** gitolite versions fa06a34 through 3.5.3 **Description** The issue might allow attackers to have an unspecified impact via vectors involving world-writable permissions when creating files such as ~/.gitolite.rc, ~/.gitolite, or ~/repositories/gitolite-admin.git on fresh installs. **Recommendations** For gitolite versions fa06a34 through 3.5.3, consider restricting world-writable permissions to minimize the risk of exploitation. As a temporary workaround, ensure that the permissions for the creation of ~/.gitolite.rc, ~/.gitolite, and ~/repositories/gitolite-admin.git are properly set to prevent unauthorized access.