Gitolite · Gitolite · CVE-2012-4506
**Name of the Vulnerable Software and Affected Versions**
gitolite versions 3.0 through 3.1
**Description**
A directory traversal issue exists when wild card repositories and a pattern matching "../" are enabled, allowing remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. (dot dot) in a `repository name`.
**Recommendations**
For gitolite versions 3.0 through 3.1, update to version 3.1 or later to resolve the issue.