8 matches found
CVE-2022-31038
Gogs is an open source self-hosted Git service. In versions of Gogs prior to 0.12.9, DisplayName does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes DisplayName...
CVE-2024-39931
Gogs through 0.13.0 allows deletion of internal files...
Gogs allows deletion of internal files which leads to remote command execution
Summary: Due to the insufficient patch for CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution. Details: In the patch for CVE-2024-39931, the following check is added:...
CVE-2022-2024
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11...
CVE-2024-54148
Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1...
CVE-2024-39931
Gogs through 0.13.0 allows deletion of internal files...
CVE-2024-39933
Gogs through 0.13.0 allows argument injection during the tagging of a new release...
CVE-2020-14958
In Gogs 0.11.91, MakeEmailPrimary in models/usermail.go lacks a "not the owner of the email" check...