Lucene search
China National Vulnerability DatabaseCNVD-2022-18523HistoryMar 11, 2022 - 12:00 a.m.
Gitea Authorization Error Vulnerability
2022-03-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
gitea
authorization error
vulnerability
pam authentication
expired accounts
expired passwords
security issue
EPSS
0.001
Percentile
30.4%
Gitea is a project to set up a self-hosted Git service. Gitea suffers from an authorization error vulnerability that stems from PAM authentication when building and configuring Gitea, which skips checking authorization altogether and can be exploited by attackers to log into expired accounts and accounts with expired passwords.
Related
ubuntucve
ubuntucve
CVE-2022-0905
2022-03-10 00:00:00
veracode
veracode
Authorization Bypass
2022-03-11 09:33:43
nessus
nessus
huntr
huntr
Improper Authorization
2022-03-06 10:22:29
github
github
Gitea Missing Authorization vulnerability
2022-03-11 00:02:35
nvd
nvd
CVE-2022-0905
2022-03-10 15:15:10
osv
osv
BIT-gitea-2022-0905
2024-03-06 10:53:40
CVE-2022-0905
2022-03-10 15:15:10
Gitea Missing Authorization vulnerability
2022-03-11 00:02:35
freebsd
freebsd
gitea -- Improper/incorrect authorization
2022-03-06 00:00:00
gitlab
gitlab
Improper Authorization in Gitea
2022-03-11 00:00:00
prion
prion
Authorization
2022-03-10 15:15:00
cvelist
cvelist
CVE-2022-0905 Missing Authorization in go-gitea/gitea
2022-03-10 00:00:00
cve
cve
CVE-2022-0905
2022-03-10 15:15:10
openvas
openvas
Gitea < 1.16.4 Improper Authorization Vulnerability
2022-03-15 00:00:00