20 matches found

Source: CVE | added yesterday | 7 views

CVE-2026-27775

Summary: CVE-2026-27775 affects Gitea 1.25.5, where a branch-specific write-permission result is cached across multiple refs in a single pre-receive hook session. This permits a per-branch maintainer-edit grant to be reused on other refs, potentially escalating to full repository write access. Im...

AI score: 7.1 | Exploits: 0 | References: 4
Source: ATTACKERKB | added yesterday | 2 views

CVE-2026-27775

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access...

AI score: 5.9 | Exploits: 0 | References: 5 | Affected software: 1
Source: NVD | added 2026/06/26 5:16 p.m. | 8 views

CVE-2026-45408

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

CVSS: 9 | EPSS: 0.00234 | Exploits: 0 | References: 2
Source: EUVD | added 2026/06/26 4:19 p.m. | 9 views

EUVD-2026-39801

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

CVSS: 9 | AI score: 6 | EPSS: 0.00234 | Exploits: 0 | References: 2
Source: ATTACKERKB | added 2026/06/26 4:19 p.m. | 7 views

CVE-2026-45408

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc...

CVSS: 9 | AI score: 5.8 | EPSS: 0.00234 | Exploits: 0 | References: 3 | Affected software: 1
Source: CVE | added 2026/06/26 4:19 p.m. | 16 views

CVE-2026-45408

CVE-2026-45408 affects Dokku, a docker-powered PaaS. Before 0.38.2, the app name validation regex allows shell metacharacters, and when an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc (...

CVSS: 9 | AI score: 6 | EPSS: 0.00234 | Exploits: 0 | References: 2 | Affected software: 1
Source: Cvelist | added 2026/06/26 4:19 p.m. | 33 views

CVE-2026-45408 Dokku: OS Command Injection via App Name in Git Pre-Receive Hook

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

CVSS: 9 | EPSS: 0.00234 | Exploits: 0 | References: 2
Source: Positive Technologies | added 2026/06/26 12:00 a.m. | 17 views

PT-2026-52853

Name of the Vulnerable Software and Affected Versions: Dokku versions prior to 0.38.2. Description: An issue exists where the app name validation regex permits shell metacharacters. An authenticated user can exploit this by pushing to a git remote using a crafted app name. This name is embedded...

CVSS: 9 | AI score: 6.2 | EPSS: 0.00234 | Exploits: 0 | References: 5
Source: OSV | added 2026/06/16 11:41 p.m. | 4 views

GHSA-MM7C-RHG6-QR4R Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo

Summary: Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. Vulnerability: Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: 1. The web UI PR-create...

CVSS: 8.5 | AI score: 5.5 | EPSS: 0.00028 | Exploits: 0 | References: 2
Source: Github Security Blog | added 2026/06/16 11:41 p.m. | 8 views

Gitea: Authorization Bypass via "Allow edits from maintainers" allows unauthorized commits to any readable repo

Summary: Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. Vulnerability: Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: 1. The web UI PR-create...

CVSS: 8.5 | AI score: 5.5 | EPSS: 0.00028 | Exploits: 0 | References: 2 | Affected software: 1
Source: Positive Technologies | added 2026/06/16 12:00 a.m. | 11 views

PT-2026-50136

Name of the Vulnerable Software and Affected Versions: Gitea, affected versions not specified. Description: An authorization bypass allows any authenticated low-privilege user with read access to a repository to push arbitrary commits directly to that repository, bypassing write-access checks. This...

CVSS: 8.5 | AI score: 6 | EPSS: 0.00028 | Exploits: 0 | References: 9
Source: NVD | added 2025/11/10 11:15 p.m. | 3 views

CVE-2025-11578

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...

CVSS: 7.5 | EPSS: 0.00584 | Exploits: 0 | References: 5
Source: Vulnrichment | added 2025/11/10 10:44 p.m. | 4 views

CVE-2025-11578 Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.00584 | Exploits: 0 | References: 5
Source: Cvelist | added 2025/11/10 10:44 p.m. | 9 views

CVE-2025-11578 Pre-Receive Hook Path Collision Vulnerability in GitHub Enterprise Server Allowing Privilege Escalation

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...

CVSS: 7.5 | EPSS: 0.00584 | Exploits: 0 | References: 5
Source: CVE | added 2025/11/10 10:44 p.m. | 15 views

CVE-2025-11578

CVE-2025-11578 is a privilege-escalation vulnerability in GitHub Enterprise Server. An authenticated Enterprise admin could abuse a symlink escape in pre-receive hook environments to replace system binaries during hook cleanup and inject their SSH key into root’s authorized_keys, enabling root SS...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.00584 | Exploits: 0 | References: 5 | Affected software: 1
Source: CVE | added 2025/04/17 10:50 p.m. | 1106 views

CVE-2025-3509

CVE-2025-3509 affects GitHub Enterprise Server prior to 3.18 and is a Remote Code Execution in the pre-receive hook. The root cause involves using dynamically allocated ports that become temporarily available during specific operational conditions (e.g., hot patch upgrades), creating an exploitab...

CVSS: 7.2 | AI score: 7.9 | EPSS: 0.01209 | Exploits: 0 | References: 5 | Affected software: 1
Source: Positive Technologies | added 2025/04/17 12:00 a.m. | 7 views

PT-2025-17246 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.18. Description: A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionalit...

CVSS: 8 | AI score: 8.2 | EPSS: 0.01209 | Exploits: 0 | References: 28
Source: Tenable Nessus | added 2019/03/27 12:00 a.m. | 21 views

openSUSE Security Update : gitolite (openSUSE-2019-754)

This update for gitolite fixes the following issues: Gitolite was updated to 3.6.9: - CVE-2018-16976: prevent racy access to repos in process of migration to gitolite boo1108272 - 'info' learns new '-p' option to show only physical repos as opposed to wild repos. The update to 3.6.8 contains: -...

CVSS: 8.1 | AI score: 7.6 | EPSS: 0.01166 | Exploits: 0 | References: 2
Source: OpenVAS | added 2018/10/06 12:00 a.m. | 21 views

openSUSE: Security Advisory for gitolite (openSUSE-SU-2018:3035-1)

The remote host is missing an update for the Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS: 8.1 | AI score: 8.1 | EPSS: 0.01166 | Exploits: 0 | References: 2
Source: OPENSUSE Linux | added 2018/10/05 9:10 p.m. | 73 views

Security update for gitolite (moderate)

This update for gitolite fixes the following issues: Gitolite was updated to 3.6.9: - CVE-2018-16976: prevent racy access to repos in process of migration to gitolite boo1108272 - 'info' learns new '-p' option to show only physical repos as opposed to wild repos The update to 3.6.8 contains: - fi...

AI score: 7.9 | EPSS: 0.01166 | Exploits: 0 | References: 1