Filter

go/code.gitea.io/giteaCode Injection

First published (updated )

go/code.gitea.io/giteaAn Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious use…

First published (updated )

Gitea GiteaGitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP …

First published (updated )

Gitea GiteaAn issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to cli…

First published (updated )

Gitea GiteaGitea before 1.8.0 allows 1FA for user accounts that have completed 2FA enrollment. If a user's cred…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaGitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands …

First published (updated )

Gitea GiteaGitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referenc…

First published (updated )

Gitea GiteaCode Injection

8.8
First published (updated )

Gitea GiteaCSRF

8.8
First published (updated )

Gitea GiteaSSRF

8.6
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaInput Validation

7.5
First published (updated )

Gitea GiteaBuffer Overflow

7.5
First published (updated )

Gitea GiteaAn issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a …

7.5
First published (updated )

Gitea GiteaSSRF

7.5
First published (updated )

Gitea GiteaJenkins Gitea Plugin prior to 1.1.2 did not implement trusted revisions, allowing attackers without …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaAn arbitrary file deletion vulnerability in Gitea v1.16.3 allows attackers to cause a Denial of Serv…

7.5
First published (updated )

Gitea GiteaGitea before 1.16.7 does not escape git fetch remote.

7.5
First published (updated )

Gitea GiteaOS Command Injection

7.2
First published (updated )

Gitea GiteaOpen Redirect on login in go-gitea/gitea

7.2
First published (updated )

Gitea GiteaMissing Authorization in go-gitea/gitea

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaGitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit fil…

First published (updated )

Gitea GiteaIn Gitea through 1.17.1, repo cloning can occur in the migration function.

First published (updated )

Gitea GiteaIn Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to imprope…

First published (updated )

go/code.gitea.io/giteaXSS

First published (updated )

Gitea GiteaXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Gitea GiteaXSS

First published (updated )

Gitea GiteaGitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal U…

First published (updated )

Gitea GiteaXSS

First published (updated )

Gitea GiteaCross-site Scripting (XSS) - Stored in go-gitea/gitea

First published (updated )

go/github.com/go-gitea/giteaInfoleak

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203