Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characters, as demonstrated by a %gg sequence.
2011-03-20T02:00:04.017
2025-04-11T00:51:21.963
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | lars_hjemli | cgit | ≤ 0.8.3.4 | Yes |
| Application | lars_hjemli | cgit | 0.1 | Yes |
| Application | lars_hjemli | cgit | 0.2 | Yes |
| Application | lars_hjemli | cgit | 0.3 | Yes |
| Application | lars_hjemli | cgit | 0.4 | Yes |
| Application | lars_hjemli | cgit | 0.5 | Yes |
| Application | lars_hjemli | cgit | 0.6 | Yes |
| Application | lars_hjemli | cgit | 0.6.1 | Yes |
| Application | lars_hjemli | cgit | 0.6.2 | Yes |
| Application | lars_hjemli | cgit | 0.6.3 | Yes |
| Application | lars_hjemli | cgit | 0.7 | Yes |
| Application | lars_hjemli | cgit | 0.7.1 | Yes |
| Application | lars_hjemli | cgit | 0.7.2 | Yes |
| Application | lars_hjemli | cgit | 0.8 | Yes |
| Application | lars_hjemli | cgit | 0.8.1 | Yes |
| Application | lars_hjemli | cgit | 0.8.1.1 | Yes |
| Application | lars_hjemli | cgit | 0.8.2 | Yes |
| Application | lars_hjemli | cgit | 0.8.2.1 | Yes |
| Application | lars_hjemli | cgit | 0.8.2.2 | Yes |
| Application | lars_hjemli | cgit | 0.8.3 | Yes |
| Application | lars_hjemli | cgit | 0.8.3.1 | Yes |
| Application | lars_hjemli | cgit | 0.8.3.2 | Yes |
| Application | lars_hjemli | cgit | 0.8.3.3 | Yes |
| Operating System | fedoraproject | fedora | 13 | Yes |
| Operating System | fedoraproject | fedora | 14 | Yes |
| Operating System | fedoraproject | fedora | 15 | Yes |