CVE-2011-1027

Name of the Vulnerable Software and Affected Versions cgit versions prior to 0.8.3.5

Description The issue is caused by an off-by-one error in the convert query hexchar function in html.c in cgit.cgi. This allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, such as a %gg sequence.

Recommendations For versions prior to 0.8.3.5, update to version 0.8.3.5 or later to resolve the issue. As a temporary workaround, consider restricting input to prevent strings with a % (percent) character followed by invalid hex characters from being processed by the convert query hexchar function.