12 matches found
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by leveraging symlinked or non-regular paths. Remediation Upgrade gitea.dev/services/repository to versi...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by leveraging symlinked or non-regular paths. Remediation Upgrade...
Symlink Attack
Overview gitea.dev/modules/util is a Git with a cup of tea, painless self-hosted git service. Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by leveraging...
CVE-2026-25718 Gitea template repository generation mishandles symlinked paths
Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...
EUVD-2026-41624
Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...
CVE-2026-25718
Gitea prior to version 1.25.5 is affected by a symlink-based path resolution issue during template repository generation, allowing template processing to read or write via symlinked/non-regular paths. The vulnerability affects Gitea core components used for template repository generation (e.g., m...
CVE-2026-25718 Gitea template repository generation mishandles symlinked paths
Gitea versions before 1.25.5 mishandle path resolution during template repository generation, allowing template processing to read or write through symlinked or otherwise non-regular paths...
SUSE CVE-2025-68937
Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...
CVE-2025-68937
Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...
Forgejo 安全漏洞
Forgejo is a lightweight git service. A security vulnerability exists in Forgejo versions prior to 13.0.2 that stems from mishandling of the template repository symbolic link target, which could result in writing unexpected files and gaining server shell access...
CVE-2020-20627
creationtimestamp| type| source ---|---|--- 2025-12-08 05:34:55+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-20627.yaml 2025-12-09 21:02:27+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3m7lgxdps5a2e...
CVE-2021-35042
creationtimestamp| type| source ---|---|--- 2021-07-11 13:57:03+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3809 2021-09-01 17:02:17+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/468 2025-12-15 01:42:52+00:00| confirmed|...