2 matches found
Gitea Container Registry - Unauthorized Private Image Access
Gitea = 1.26.2. As a temporary workaround, set REQUIRESIGNINVIEW=true in gitea app.ini, though this blocks all anonymous access including public repos. reference: - https://blog.gitea.com/release-of-1.26.2/ - https://github.com/go-gitea/gitea/pull/37290 -...
CVE-2026-27771
Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information...