3 matches found
EUVD-2026-41628
Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...
CVE-2026-26232
Gitea vulnerable before 1.25.5: OAuth2 authorization codes are not consistently expired or single-use during token exchange. Affected: Gitea versions prior to 1.25.5. Root cause: lack of enforcement of expiry and single-use behavior for authorization codes during token exchange. Impact: potential...
CVE-2026-26232
Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange...