Gitea is a project to set up a self-hosted Git service. Gitea suffers from an authorization error vulnerability that stems from PAM authentication when building and configuring Gitea, which skips checking authorization altogether and can be exploited by attackers to log into expired accounts and accounts with expired passwords.