Note:
This project will be discontinued after December 13, 2021. [more]
2020-05-20
An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another.
Products | Gitea |
Type | Improper Locking (CWE-667) |
First patch | - None (likely due to unavailable code) |
Links |
• https://github.com/go-gitea/gitea/issues/10549
• https://github.com/go-gitea/gitea/pull/11438 • https://www.youtube.com/watch?v=DmVgADSVS88 |