gitea gitea vulnerabilities and exploits
5
CVSSv2
CVE-2019-11228
repo/setting.go in Gitea prior to 1.7.6 and 1.8.x prior to 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.
Gitea Gitea 1.8.0
Gitea Gitea
6.5
CVSSv2
CVE-2019-11229
models/repo_mirror.go in Gitea prior to 1.7.6 and 1.8.x prior to 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution.
Gitea Gitea 1.8.0
Gitea Gitea
4.3
CVSSv2
CVE-2019-1010314
Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected r...
Gitea Gitea 1.7.3
Gitea Gitea 1.7.2
5
CVSSv2
CVE-2018-15192
An SSRF vulnerability in webhooks in Gitea up to and including 1.5.0-rc2 and Gogs up to and including 0.11.53 allows remote malicious users to access intranet services.
Gogs Gogs
Gitea Gitea 1.5.0
Gitea Gitea
5
CVSSv2
CVE-2018-1000803
Gitea versions prior to 1.5.1 contain a CWE-200 vulnerability that can result in exposure of users' private email addresses. This attack appears to be exploitable via watching a repository to receive email notifications. Emails received contain the other recipients even if the...
Gitea Gitea
7.5
CVSSv2
CVE-2018-18926
Gitea prior to 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron.
Gitea Gitea
3.5
CVSSv2
CVE-2021-28378
Gitea 1.12.x and 1.13.x prior to 1.13.4 allows XSS via certain issue data in some situations.
Gitea Gitea
1 Github repository
5
CVSSv2
CVE-2020-13246
An issue exists in Gitea up to and including 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another.
Gitea Gitea
5
CVSSv2
CVE-2021-3382
Stack buffer overflow vulnerability in gitea 1.9.0 up to and including 1.13.1 allows remote malicious users to cause a denial of service (crash) via vectors related to a file path.
Gitea Gitea
5.5
CVSSv2
CVE-2019-1000002
Gitea version 1.6.2 and previous versions contain an Incorrect Access Control vulnerability in the Delete/Edit file functionality that can result in the attacker deleting files outside the repository he/she has access to. This attack appears to be exploitable via the attacker must g...
Gitea Gitea