Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/02/06 5:43 p.m.4 views

CVE-2026-23632 Gogs user can update repository content with read-only permission

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, the endpoint "PUT /repos/:owner/:repo/contents/" does not require write permissions and allows access with read permission only via repoAssignment. After passing the permission check, PutContents invokes UpdateRepoFile,...

6.5CVSS5.6AI score0.00282EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/06 4:58 p.m.4 views

CVE-2025-64111 Gogs's update .git/config file allows remote command execution

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev...

9.3CVSS5.2AI score0.01229EPSS
Exploits3References1
OSV
OSV
added 2026/02/06 4:58 p.m.5 views

CVE-2025-64111 Gogs's update .git/config file allows remote command execution

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev...

9.3CVSS5.5AI score0.01229EPSS
Exploits3References3
Cvelist
Cvelist
added 2026/02/06 4:58 p.m.43 views

CVE-2025-64111 Gogs's update .git/config file allows remote command execution

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, due to the insufficient patch for CVE-2024-56731, it's still possible to update files in the .git directory and achieve remote command execution. This issue has been patched in versions 0.13.4 and 0.14.0+dev...

9.3CVSS0.01229EPSS
Exploits3References1
Rows per page
Query Builder