Lucene search
+L

11 matches found

Snyk
Snyk
added 2026/07/03 10:19 p.m.4 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the git grep process. An attacker can exhaust server resources by initiating expensive or long-running search operations without restriction. Details Denial of Service DoS describes a family of attacks, all aim...

8.7CVSS6AI score0.00466EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.5 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the git grep process. An attacker can exhaust server resources by initiating expensive or long-running search operations without restriction. Details Denial of Service DoS describes a family of attacks, all aim...

8.7CVSS6AI score0.00466EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 9:16 p.m.5 views

CVE-2026-26307

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

7.5CVSS0.00466EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.35 views

CVE-2026-26307 Gitea git grep search lacks a timeout

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

0.00466EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 8:19 p.m.9 views

EUVD-2026-41631

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

6AI score0.00466EPSS
Exploits0References4
CVE
CVE
added 2026/07/03 8:19 p.m.18 views

CVE-2026-26307

CVE-2026-26307 affects Gitea versions before 1.25.5. The vulnerability arises because the git grep searches do not enforce a timeout, allowing expensive searches to consume server resources and cause a DoS condition. Affected component: the Git subsystem within Gitea (as noted in multiple sources...

7.5CVSS6AI score0.00466EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-26307 Gitea git grep search lacks a timeout

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

7.5CVSS6AI score0.00466EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55599

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not enforce a timeout on git grep searches, which can allow expensive search operations to consume excessive server resources. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00466EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:7 a.m.5 views

SUSE CVE-2008-3546

Stack-based buffer overflow in the 1 diffaddremove and 2 diffchange functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATHMAX when running GIT utilities such as git-diff or git-grep...

7.5CVSS8AI score0.04302EPSS
Exploits1References3
Fedora
Fedora
added 2022/07/31 1:37 a.m.14 views

[SECURITY] Fedora 36 Update: vgrep-2.6.0-3.fc36

vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations, and allows for opening the indexed file locations in a user-specified editor such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but extended to perform further operations such as listing statistics of...

7.3AI score
Exploits0
RubySec
RubySec
added 2014/12/04 12:0 a.m.17 views

gollum-grit_adapter Search Functionality Allows Arbitrary Command Execution

The gollum-gritadapter gem contains a flaw that can allow arbitrary command execution. Grit implements its search functionality by shelling out to git grep. In turn, git grep takes a -O or --open-files-in-pages option that will pipe the results of grep to an arbitrary process. By failing to...

8.8CVSS2.1AI score0.02292EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder