Lucene search

CVE-2020-28991

🗓️ 24 Nov 2020 01:11:15Reported by mitreType

Gitea 0.9.99 through 1.12.x before 1.12.6 allows remote attackers to bypass intended access restrictions via a crafted git protocol path

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
Prion	Path traversal	24 Nov 202001:15	–	prion
OSV	CVE-2020-28991	24 Nov 202001:15	–	osv
OSV	GHSA-R7H7-CHH4-5RVM Improper Access Control in Gitea	24 Apr 202420:56	–	osv
OSV	BIT-gitea-2020-28991	6 Mar 202410:55	–	osv
NVD	CVE-2020-28991	24 Nov 202001:15	–	nvd
OpenVAS	Gitea 0.9.99 < 1.12.6 RCE Vulnerability	10 Feb 202100:00	–	openvas
Cvelist	CVE-2020-28991	24 Nov 202000:29	–	cvelist
Veracode	Privilege Escalation	25 Nov 202011:57	–	veracode
ArchLinux	[ASA-202011-26] gitea: insufficient validation	26 Nov 202000:00	–	archlinux
Github Security Blog	Improper Access Control in Gitea	24 Apr 202420:56	–	github

Nvd

Node

gitea giteaRange0.9.99–1.12.6

Source	Link
github	www.github.com/go-gitea/gitea/pull/13525
github	www.github.com/go-gitea/gitea/releases/tag/v1.12.6

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Nov 2020 01:15Current

9.3High risk

Vulners AI Score9.3

CVSS27.5

CVSS39.8

EPSS0.00433