3 matches found
Gitea < 1.16.4 Improper Authorization Vulnerability
Gitea is prone to an improper authorization vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
CVE-2022-0905 Missing Authorization in go-gitea/gitea
Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...
CVE-2022-0905
CVE-2022-0905 concerns Gitea (go-gitea/gitea) prior to 1.16.4, with a missing/Improper Authorization vulnerability in PAM/auth flow. Affected component is the Gitea login/authorization path where PAM authentication can skip authorization checks, enabling login for expired accounts or accounts wit...