CVE-2021-38711
7.5 HIGHIn gitit before 0.15.0.0, the Export feature can be exploited to leak information from files
Published: 2021-08-16 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-552
Affected products
| Vendor | Product |
|---|---|
| gitit_project | gitit |
Description
In gitit before 0.15.0.0, the Export feature can be exploited to leak information from files.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-38711
- [Patch]https://github.com/jgm/gitit/commit/eed32638f4f6e3b2f4b8a9a04c4b72001acf9ad8
- [Patch]https://github.com/jgm/gitit/compare/0.14.0.0...0.15.0.0
- [Patch]https://github.com/jgm/gitit/commit/eed32638f4f6e3b2f4b8a9a04c4b72001acf9ad8
- [Patch]https://github.com/jgm/gitit/compare/0.14.0.0...0.15.0.0
Related CVEs
Same CWE
- CVE-2025-14771 — Files or directories accessible to external parties vulnerability in ABB T-MAC Plus (9.9 CRITICAL)
- CVE-2026-45543 — Nextcloud is an open source content collaboration platform (5.3 MEDIUM)
- CVE-2026-40425 — The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to auth... (5.7 MEDIUM)
- CVE-2026-45088 — Dalfox is a powerful open-source XSS scanner and utility focused on automation (7.5 HIGH)
- CVE-2024-56462 — IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be rest... (7.2 HIGH)