Overview Recently, NSFOCUS CERT detected that Gitblit issued a security announcement and fixed the Gitblit authentication bypass vulnerability (CVE-2024-28080); Because Gitblit's SSH service has defects in the public key authentication process, unauthenticated attackers can use the client's public key to trigger signature verification failure and fall back to password-based authentication...
