Debian 13 — cgit — multiple vulnerabilities (4 CVEs) — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2016-1899 CVE-2016-1900 CVE-2016-1901 CVE-2018-14912 Upstream summary: CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP […]