6 matches found
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass due to insufficient permission checks in the draft release process. An attacker can access sensitive draft release data or attachments by bypassing required write permissions. Remediation Upgrade...
CVE-2026-27660
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
CVE-2026-27660 Gitea draft releases use insufficient permission checks
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
CVE-2026-27660
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
EUVD-2026-41633
Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission...
PT-2026-55601
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Draft release data or attachments can be accessed by users who do not possess the necessary write permissions. Recommendations Update to version 1.25.5 or later...