Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gitea gitea vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38795
In Gitea up to and including 1.17.1, repo cloning can occur in the migration function.
Gitea Gitea
NA
CVE-2023-3515
Open Redirect in GitHub repository go-gitea/gitea before 1.19.4.
Gitea Gitea
NA
CVE-2022-46685
In Jenkins Gitea Plugin 1.4.4 and previous versions, the implementation of Gitea personal access tokens did not support credentials masking, potentially exposing them through the build log.
Gitea Gitea
NA
CVE-2022-42968
Gitea prior to 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.
Gitea Gitea
NA
CVE-2022-38183
In Gitea prior to 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea (there was no permission check for fetching the issue). As a result, the attacker would get access t...
Gitea Gitea
3.5
CVSSv2
CVE-2022-1928
Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea before 1.16.9.
Gitea Gitea
5
CVSSv2
CVE-2022-30781
Gitea prior to 1.16.7 does not escape git fetch remote.
Gitea Gitea
2 Github repositories
5
CVSSv2
CVE-2022-27313
An arbitrary file deletion vulnerability in Gitea v1.16.3 allows malicious users to cause a Denial of Service (DoS) via deleting the configuration file.
Gitea Gitea 1.16.3
5.8
CVSSv2
CVE-2022-1058
Open Redirect on login in GitHub repository go-gitea/gitea before 1.16.5.
Gitea Gitea
5
CVSSv2
CVE-2021-29134
The avatar middleware in Gitea prior to 1.13.6 allows Directory Traversal via a crafted URL.
Gitea Gitea
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »