CVE-2026-52805 Gogs: Migration Redirect Bypass Leads to Internal Repository Theft

Gogs is an open source self-hosted Git service. Prior to 0.14.3, a Server-Side Request Forgery SSRF vulnerability exists in the repository migration functionality. The application validates only the initially submitted URL hostname, but git clone --mirror follows HTTP redirects. An authenticated...

CVE-2026-52805

CVE-2026-52805 (Gogs) describes an SSRF in the repository migration feature where only the initial URL hostname is validated. The migration uses git clone --mirror, which follows HTTP redirects, allowing an authenticated user to submit a public URL that redirects to an internal endpoint (e.g., 12...

EUVD-2021-24840

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-22200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal...

CVE-2021-38388

Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project...

BIT-GITLAB-2021-22200

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...

Access Control Bypass

gitlab is vulnerable to Access Control Bypass. This vulnerability occurs due to a flaw in the way that GitLab handles project forks. An attacker can exploit this vulnerability to access data of an internal repository through a project fork done by a project member...

Information Disclosure

gitlab is vulnerable to Information Disclosure. This vulnerability occurs due to a flaw in the way that GitLab handles project forks. An attacker can exploit this vulnerability to access data of an internal repository through a public project fork, even if the attacker does not have permissions t...

CVE-2021-38388

Central Dogma allows privilege escalation with mirroring to the internal dogma repository that has a file managing the authorization of the project...

Central Dogma 安全漏洞

Central Dogma is an open source service configuration version control repository based on Git, ZooKeeper and HTTP/2. A security vulnerability exists in Central Dogma that allows elevation of privilege by mirroring to an internal Dogma repository with files that manage project authorizations...

GitLab Access Control Error Vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An access control error vulnerability exists in GitLab...

CVE-2021-22229

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...

CVE-2021-22229

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...

Race condition

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...

CVE-2021-22229

Removed by vendor...

CVE-2021-22229

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member...

PT-2021-6483 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.8 and later Description: An issue has been discovered affecting GitLab CE/EE, where under a special condition, it was possible to access data of an internal repository through a project fork done by a project member...

CVE-2021-22200

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...

CVE-2021-22200

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user...

PT-2021-14911 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 12.6 and later Description: An issue has been discovered affecting GitLab CE/EE, where under a special condition, it was possible for an anonymous user to access data of an internal repository through a public project...