Lucene search
K

23 matches found

Veracode
Veracode
added 2026/03/20 10:9 a.m.6 views

Improper Access Control.

code.gitea.io/gitea is vulnerable to improper access control. The vulnerability is due to inadequate enforcement of branch deletion permissions after merging a pull request, which allows an attacker to delete branches without proper authorization...

5.3CVSS7.3AI score0.00251EPSS
Exploits0References6Affected Software3
Cvelist
Cvelist
added 2026/02/19 2:25 a.m.48 views

CVE-2026-25232 Gogs has a Protected Branch Deletion Bypass in Web Interface

Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protected branches including the default branch by sending a direct POST request, completely bypassing th...

7.1CVSS0.00436EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.11 views

PT-2026-20322

Name of the Vulnerable Software and Affected Versions Gogs versions 0.13.4 and below Description Gogs, an open-source self-hosted Git service, contains an access control bypass issue. Repository collaborators with Write permissions can delete protected branches, including the default branch, by...

9.9CVSS6AI score0.27661EPSS
Exploits45References117
SUSE CVE
SUSE CVE
added 2026/01/06 12:23 a.m.4 views

SUSE CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
OSV
OSV
added 2026/01/03 11:37 a.m.5 views

BIT-GITEA-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS6.8AI score0.00251EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 1:49 a.m.3 views

GO-2025-4267 Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea...

5.3CVSS6.5AI score0.00251EPSS
Exploits0References5
Snyk
Snyk
added 2025/12/26 3:30 a.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via inadequate enforcement of branch delete permissions after merging a pull request. An attacker can delete arbitrary branches. Remediation Upgrade github.com/go-gitea/gitea/routers/web/repo to version 1.22.5 or...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/26 3:30 a.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via inadequate enforcement of branch delete permissions after merging a pull request. An attacker can delete arbitrary branches. Remediation Upgrade code.gitea.io/gitea/routers/api/v1/repo to version 1.22.5 or...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/26 3:30 a.m.2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via inadequate enforcement of branch delete permissions after merging a pull request. An attacker can delete arbitrary branches. Remediation Upgrade github.com/go-gitea/gitea/services/repository to version 1.22.5...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/26 3:30 a.m.1 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via inadequate enforcement of branch delete permissions after merging a pull request. An attacker can delete arbitrary branches. Remediation Upgrade code.gitea.io/gitea/services/repository to version 1.22.5 or...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/12/26 3:30 a.m.7 views

Gitea doesn't adequately enforce branch deletion permissions after merging a pull request.

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS6.9AI score0.00251EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/12/26 3:30 a.m.8 views

GHSA-RRCW-5RJV-VJ26 Gitea doesn't adequately enforce branch deletion permissions after merging a pull request.

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

3.1CVSS6.7AI score0.00251EPSS
Exploits0References5
OSV
OSV
added 2025/12/26 3:15 a.m.3 views

CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS6.8AI score
Exploits0References3
NVD
NVD
added 2025/12/26 3:15 a.m.8 views

CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS0.00251EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/26 2:14 a.m.4 views

EUVD-2025-205410

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

3.1CVSS6.3AI score0.00251EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/26 2:14 a.m.23 views

CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

3.1CVSS0.00251EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/26 2:14 a.m.4 views

CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

3.1CVSS6.5AI score0.00251EPSS
Exploits0References3
CVE
CVE
added 2025/12/26 2:14 a.m.25 views

CVE-2025-68940

CVE-2025-68940 (Gitea) : Multiple connected sources confirm a vulnerability in Gitea up to version 1.22.4 where branch deletion permissions are not adequately enforced after merging a pull request. The issue affects the code paths governing branch deletion permissions and can allow improper branc...

5.3CVSS6.5AI score0.00251EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/12/26 12:0 a.m.3 views

Gitea 安全漏洞

Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea versions prior to 1.22.5, which stems from insufficient execution of branch delete permissions after a merge pull request...

5.3CVSS7.6AI score0.00251EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.8 views

PT-2025-53437

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.22.5 Description A permission enforcement issue exists in Gitea related to branch deletion after a pull request merge. Specifically, the system does not adequately enforce branch deletion permissions in these scenario...

5.3CVSS6.5AI score0.00251EPSS
Exploits0References10
Rows per page
Query Builder