2 matches found
CVE-2026-52815
Gogs is an open source self-hosted Git service. Prior to 0.14.3, Gogs has an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint at internal/route/api/v1/orgteam.go:8 returns all teams for any organization without requiring authentication. The route...
FreeBSD : gitea -- multiple vulnerabilities (1650cee2-a320-11ea-a090-08002734b9ed)
The Gitea Team reports for release 1.11.6 : - Fix missing authorization check on pull for public repos of private/limited org 11656 11683 - Use session for retrieving org teams 11438 11439 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...