Lucene search
K

4 matches found

NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-47267

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the fix for CVE-2022-1285 prevents adding webooks or running webhooks with URLs with a hostname that resolves in localCIDRs. However, webhooks still follow redirects allowing to access hostname inside localCIDRs. This vulnerability ...

8.3CVSS0.00402EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 8:9 p.m.17 views

CVE-2026-47267 Gogs: SSRF in webhook deliveries

Gogs is an open source self-hosted Git service. Prior to 0.14.3, the fix for CVE-2022-1285 prevents adding webooks or running webhooks with URLs with a hostname that resolves in localCIDRs. However, webhooks still follow redirects allowing to access hostname inside localCIDRs. This vulnerability ...

8.3CVSS0.00402EPSS
Exploits0References3
GitLab Advisory Database
GitLab Advisory Database
added 2022/03/14 12:0 a.m.15 views

SSRF in repository migration

Impact The malicious user is able to discover services in the internal network through repository migration functionality. All installations accepting public traffic are affected. Patches Internal network CIDRs are prohibited to be used as repository migration targets. Users should upgrade to...

1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2022/03/12 12:0 a.m.13 views

GHSA-7V5R-R995-Q2X2 SSRF in repository migration

Gogs is a self-hosted Git service. The malicious user is able to discover services in the internal network through repository migration functionality. All installations accepting public traffic are affected. Internal network CIDRs are prohibited to be used as repository migration targets. Users...

5CVSS5.4AI score0.03422EPSS
Exploits1References4
Rows per page
Query Builder