pkg:Go/github.com/go-gitea/gitea

共 26 筆 CVECRITICAL6HIGH8MEDIUM12

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2020-28991Improper Access Control in Gitea
    >= 0.9.99, < 1.12.6
  • CRITICAL9.8CVE-2022-42968Gitea vulnerable to Argument Injection in code.gitea.io/gitea
    from 0, < 1.17.3
  • CRITICAL9.8CVE-2021-45327Capture-replay in Gitea in code.gitea.io/gitea
    from 0, < 1.11.2
  • CRITICAL9.1CVE-2026-20912Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea
    from 0, < 1.25.4
  • CRITICAL9.1CVE-2026-20897Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea
    from 0, < 1.25.4
  • CRITICAL9.1CVE-2026-20750Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea
    from 0, < 1.25.4
  • HIGH8.8CVE-2021-45326Cross Site Request Forgery in Gitea in github.com/go-gitea/gitea
    from 0, < 1.5.2
  • HIGH8.8CVE-2021-45326Cross Site Request Forgery in Gitea in github.com/go-gitea/gitea
    from 0, < 1.5.2
  • HIGH8.1CVE-2019-11229Gitea Remote Code Execution in github.com/go-gitea/gitea
    from 0, < 1.7.6
  • HIGH8.1CVE-2019-11229Gitea Remote Code Execution in github.com/go-gitea/gitea
    from 0, < 1.7.6
  • HIGH7.5CVE-2019-11228Gitea Improper Input Validation in github.com/go-gitea/gitea
    from 0, < 1.7.6
  • HIGH7.5CVE-2019-11228Gitea Improper Input Validation in github.com/go-gitea/gitea
    from 0, < 1.7.6
  • HIGH7.5CVE-2020-13246Denial of Service in Gitea in code.gitea.io/gitea
    from 0, < 1.12.0
  • HIGH7.0CVE-2021-3382Buffer Overflow in gitea in code.gitea.io/gitea
    >= 1.9.0, < 1.13.2
  • MEDIUM6.5CVE-2026-20904Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea
    from 0, < 1.25.4
  • MEDIUM6.5CVE-2026-20883Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea
    from 0, < 1.25.4
  • MEDIUM6.5CVE-2026-20800Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea
    from 0, < 1.25.4
  • MEDIUM6.1CVE-2021-45329Cross-site Scripting in Gitea in github.com/go-gitea/gitea
    from 0, < 1.5.1
  • MEDIUM6.1CVE-2021-45329Cross-site Scripting in Gitea in github.com/go-gitea/gitea
    from 0, < 1.5.1
  • MEDIUM6.1CVE-2021-45328Open redirect in Gitea in github.com/go-gitea/gitea
    from 0, < 1.4.3
  • MEDIUM6.1CVE-2021-45328Open redirect in Gitea in github.com/go-gitea/gitea
    from 0, < 1.4.3
  • MEDIUM5.3CVE-2018-1000803Gitea Exposes Private Email Addresses in github.com/go-gitea/gitea
    from 0, < 1.5.1
  • MEDIUM5.3CVE-2018-1000803Gitea Exposes Private Email Addresses in github.com/go-gitea/gitea
    from 0, < 1.5.1
  • MEDIUM5.3CVE-2021-45325Gitea displaying raw OpenID error in UI in github.com/go-gitea/gitea
    from 0, < 1.7.0
  • MEDIUM5.3CVE-2021-45325Gitea displaying raw OpenID error in UI in github.com/go-gitea/gitea
    from 0, < 1.7.0
  • MEDIUM4.3CVE-2026-20888Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea
    from 0, < 1.25.4