6 matches found
CVE-2026-52796
Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, RenderIssueIndexPattern renders the issue index pattern to a link using com.Expand, which is not...
CVE-2026-52796
Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, RenderIssueIndexPattern renders the issue index pattern to a link using com.Expand, which is not...
CVE-2026-52796 Gogs: DoS in rendering issue index pattern
Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, RenderIssueIndexPattern renders the issue index pattern to a link using com.Expand, which is not...
CVE-2026-52796
CVE-2026-52796 / GHSA-4J89-2C4F-44C6 : Gogs before 0.14.3 is vulnerable to a DoS caused by a rendering panic in the issue index pattern. The bug arises when rendering the index link in internal/markup/markup.go: com.Expand is fed a pattern containing an opening brace “{” but no matching “}”, lead...
Gogs has DoS in rendering issue index pattern
Summary Special template of issue index pattern may cause panic. Details in internal/markup/markup.go go link = fmt.Sprintf%s, com.Expandmetas"format", metas, m Issue index pattern is rendered to link with com.Expand. However, com.Expand is not safe. go i = strings.Indextemplate, "" if s, ok :=...
PT-2026-51456
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description A specially crafted issue index pattern can cause a panic during rendering, leading to a denial of service. In the internal/markup/markup.go file, the RenderIssueIndexPattern function uses com.Expand t...