3 matches found
CVE-2026-27771
Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...
CVE-2026-27771
CVE-2026-27771 affects Gitea container registry prior to 1.26.2. The root cause is ReqContainerAccess not enforcing per-owner visibility, allowing ghost users (UserID: -1) to access private container images via standard OCI/Docker endpoints. Impact: unauthenticated access can expose private/inter...
PT-2021-15665 · Python +2 · Pip +3
Name of the Vulnerable Software and Affected Versions: Bundler versions 1.16.0 through 2.2.9 Bundler versions 2.2.11 through 2.2.17 Python/pip affected versions not specified .NET/NuGet affected versions not specified Java/Maven affected versions not specified JavaScript/npm affected versions not...