GHSA-R7H7-CHH4-5RVM Improper Access Control in Gitea

Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines with URL encoding in ParseRemoteAddr in modules/auth/repoform.go...

BIT-GITEA-2020-28991

Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines with URL encoding in ParseRemoteAddr in modules/auth/repoform.go...

Gitea 0.9.99 < 1.12.6 RCE Vulnerability

Gitea is prone to a remote code execution RCE vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Privilege Escalation

gitea is vulnerable to escalation of privilege. An attacker is able to get a TCP port number through a git protocol path in ParseRemoteAddr in modules/auth/repoform.go...

CVE-2020-28991

Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines with URL encoding in ParseRemoteAddr in modules/auth/repoform.go...

PT-2020-17077 · Gitea +1 · Gitea +1

Name of the Vulnerable Software and Affected Versions: Gitea versions 0.9.99 through 1.12.x before 1.12.6 Description: The issue arises from the failure to prevent a git protocol path that specifies a TCP port number and also contains newlines with URL encoding in ParseRemoteAddr in...