Note: This project will be discontinued after December 13, 2021.
Product: Gitea (Gitea)

Repositories | Unknown: This might be proprietary software. |
#Vulnerabilities | 33 |

Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-05-29 | CVE-2022-1928 | Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea prior to 1.16.9. | Gitea | 5.4 | ||
2022-02-09 | CVE-2021-45330 | An issue exists in Gitea through 1.15.7, which could let a malicious user gain privileges because client-side cookies are not deleted and the session remains valid on the server side for reuse. | Gitea | 9.8 | ||
2022-05-03 | CVE-2022-27313 | An arbitrary file deletion vulnerability in Gitea v1.16.3 allows attackers to cause a Denial of Service (DoS) via deleting the configuration file. | Gitea | 7.5 | ||
2022-03-24 | CVE-2022-1058 | Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5. | Gitea | 6.1 | ||
2022-03-15 | CVE-2021-29134 | The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL. | Gitea | 5.3 | ||
2022-02-09 | CVE-2021-45331 | An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once. | Gitea | 9.8 | ||
2022-02-08 | CVE-2021-45325 | Server Side Request Forgery (SSRF) vulnerability exists in Gitea before 1.7.0 using the OpenID URL. | Gitea | 7.5 | ||
2022-02-08 | CVE-2021-45326 | Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes. This can be dangerous, especially with state-altering POST requests. | Gitea | 8.8 | ||
2022-02-08 | CVE-2021-45328 | Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs. | Gitea | 6.1 | ||
2022-02-08 | CVE-2021-45329 | Cross Site Scripting (XSS) vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field. | Gitea | 6.1 | ||