Gitolite · Gitolite · CVE-2013-4451
**Name of the Vulnerable Software and Affected Versions**
gitolite versions fa06a34 through 3.5.3
**Description**
The issue involves world-writable permissions applied when files such as ~/.gitolite.rc, ~/.gitolite, or ~/repositories/gitolite-admin.git are created on fresh installs, and might allow attackers to have an unspecified impact.
**Recommendations**
For gitolite versions fa06a34 through 3.5.3, consider restricting world-writable permissions to minimize the risk of exploitation. As a temporary workaround, ensure that ~/.gitolite.rc, ~/.gitolite, and ~/repositories/gitolite-admin.git are created with permissions that prevent unauthorized access.
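One way to carry out the workaround on an existing install, as an added example that is not part of the original advisory or the gitolite project: a POSIX shell audit that lists anything world-writable at or below the three paths and clears the bit. The function names and the home-directory argument (defaulting to `$HOME` of the hosting user) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not gitolite code): audit the paths named in CVE-2013-4451.
# The gl_* function names and the optional home-directory argument are
# assumptions made for this example.

# Print every world-writable file or directory at or below the three paths.
# Symlinks are skipped because their own mode bits are not meaningful.
gl_world_writable() {
    gl_home=${1:-$HOME}
    for p in .gitolite.rc .gitolite repositories/gitolite-admin.git; do
        [ -e "$gl_home/$p" ] || continue
        find "$gl_home/$p" ! -type l -perm -0002 -print
    done
}

# Return 0 when nothing is world-writable; otherwise list the offending
# paths on stderr and return 1, so the check can gate a deployment script.
gl_audit() {
    found=$(gl_world_writable "${1:-$HOME}")
    if [ -n "$found" ]; then
        printf '%s\n' "$found" | sed 's/^/world-writable: /' >&2
        return 1
    fi
    return 0
}

# Clear only the "other write" bit on each reported path, leaving owner
# and group permissions as they were.
gl_fix_world_writable() {
    gl_home=${1:-$HOME}
    gl_world_writable "$gl_home" | while IFS= read -r f; do
        chmod o-w "$f"
    done
}

# Typical use, run as the gitolite hosting user:
#   gl_audit || gl_fix_world_writable
```

Setting a restrictive umask (for example `umask 077`) in the hosting user's shell before a fresh install keeps newly created files from being world-writable in the first place.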