Filter

Gitea GiteaIn Gitea through 1.17.1, repo cloning can occur in the migration function.

First published (updated )

Gitea GiteaOpen Redirect in go-gitea/gitea

First published (updated )

Gitea GiteaIn Jenkins Gitea Plugin 1.4.4 and earlier, the implementation of Gitea personal access tokens did no…

First published (updated )

Gitea GiteaGitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands …

First published (updated )

Gitea GiteaIn Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to imprope…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaCross-site Scripting (XSS) - Stored in go-gitea/gitea

First published (updated )

Gitea GiteaGitea before 1.16.7 does not escape git fetch remote.

7.5
First published (updated )

Gitea GiteaAn arbitrary file deletion vulnerability in Gitea v1.16.3 allows attackers to cause a Denial of Serv…

7.5
First published (updated )

Gitea GiteaOpen Redirect on login in go-gitea/gitea

7.2
First published (updated )

Gitea GiteaPath Traversal

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaMissing Authorization in go-gitea/gitea

7.1
First published (updated )

go/code.gitea.io/giteaAn Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious use…

First published (updated )

Gitea GiteaAn issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to cli…

First published (updated )

Gitea GiteaXSS

First published (updated )

Gitea GiteaGitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal U…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaGitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referenc…

First published (updated )

Gitea GiteaCSRF

8.8
First published (updated )

Gitea GiteaSSRF

7.5
First published (updated )

Gitea GiteaXSS

First published (updated )

Gitea GiteaBuffer Overflow

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaGitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP …

First published (updated )

Gitea GiteaOS Command Injection

7.2
First published (updated )

Gitea GiteaAn issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a …

7.5
First published (updated )

go/code.gitea.io/giteaXSS

First published (updated )

Gitea GiteaXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaJenkins Gitea Plugin prior to 1.1.2 did not implement trusted revisions, allowing attackers without …

7.5
First published (updated )

Gitea GiteaGitea before 1.8.0 allows 1FA for user accounts that have completed 2FA enrollment. If a user's cred…

First published (updated )

Gitea GiteaCode Injection

8.8
First published (updated )

Gitea GiteaInput Validation

7.5
First published (updated )

Gitea GiteaGitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit fil…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203