CVE-2022-0905
HIGH7.1EPSS 0.31%Gitea Missing Authorization vulnerability in code.gitea.io/gitea
發布日:2022/3/11修改日:2026/3/3
描述
Gitea Missing Authorization vulnerability in code.gitea.io/gitea
受影響套件(3)
- Bitnami/giteafrom 0, < 1.16.4
- Go/code.gitea.io/giteafrom 0, < 1.16.4
- Go/code.gitea.io/giteafrom 0, < 1.16.4
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N |
參考連結(6)
- ADVISORYhttps://github.com/advisories/GHSA-jr9c-h74f-2v28
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2022-0905
- PATCHhttps://github.com/go-gitea/gitea
- WEBhttps://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2
- WEBhttps://github.com/go-gitea/gitea/commit/3e5c844a7758fa29126d201f4f98bf21bca6d314
- WEBhttps://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb