EPSS
Percentile
99.5%
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=…/ request.
enable-http-clone=1
bugzilla.redhat.com/show_bug.cgi?id=1612379