First published: Mon Aug 07 2023(Updated: )
In Gitea through 1.17.1, repo cloning can occur in the migration function.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gitea Gitea | <=1.17.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-38795 is a vulnerability in Gitea through 1.17.1 that allows repo cloning to occur in the migration function.
In Gitea through version 1.17.1, the migration function allows repo cloning to take place, which can be exploited.
CVE-2022-38795 has a severity rating of medium, with a CVSS score of 6.5.
The affected software for CVE-2022-38795 includes Gitea versions up to and including 1.17.1.
To fix CVE-2022-38795, update Gitea to version 1.17.2 or later.