CVE-2020-14144

The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLEGITHOOKS line i...

Gogs OS Command Injection Vulnerability

Gogs Go Git Service is a Go-based self-service Git hosting service , which supports creating and migrating public/private repositories , adding and removing repository collaborators and so on. An operating system command injection vulnerability exists in the git hook feature of Gogs versions 1.1....

CVE-2020-14144

The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLEGITHOOKS line i...

Privilege escalation

The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in th...

PT-2020-13891

Name of the Vulnerable Software and Affected Versions Gitea versions 1.1.0 through 1.12.5 Description The git hook feature in Gitea might allow for authenticated remote code execution in customer environments where the documentation was not understood. The vendor has indicated this is not a...