36149 matches found
Improper Handling of Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions via the internal/route/repo/wiki.go and internal/route/repo/view.go processes. An attacker can cause the web interface to become unusable and trigger HTTP 500 errors by creating a new file and...
Improper Handling of Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions via the internal/route/repo/wiki.go and internal/route/repo/view.go processes. An attacker can cause the web interface to become unusable and trigger HTTP 500 errors by creating a new file and...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the Watch API handler. An attacker can gain unauthorized access to private repository activity by exploiting an inverted access check, allowing them to monitor commit messages, branch names, issue titles, and...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the Watch API handler. An attacker can gain unauthorized access to private repository activity by exploiting an inverted access check, allowing them to monitor commit messages, branch names, issue titles, and...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the ENABLEREVERSEPROXYAUTHENTICATION process. An attacker can impersonate any user or trigger automatic account creation by forging the configured authentication header in client requests. This is only exploitable...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the ENABLEREVERSEPROXYAUTHENTICATION process. An attacker can impersonate any user or trigger automatic account creation by forging the configured authentication header in client requests. This is only exploitable...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the ENABLEREVERSEPROXYAUTHENTICATION process. An attacker can impersonate any user or trigger automatic account creation by forging the configured authentication header in client requests. This is only exploitable...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation via the ENABLEREVERSEPROXYAUTHENTICATION process. An attacker can impersonate any user or trigger automatic account creation by forging the configured authentication header in client requests. This is only exploitable...
Improper Neutralization of Special Elements Used in a Template Engine
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine in the RenderIssueIndexPattern process. An attacker can cause a panic and disrupt service availability by configuring a specially crafted issue index pattern containi...
Improper Neutralization of Special Elements Used in a Template Engine
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine in the RenderIssueIndexPattern process. An attacker can cause a panic and disrupt service availability by configuring a specially crafted issue index pattern containi...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the webhook delivery process. An attacker can access internal network resources by supplying a webhook URL that follows redirects to hostnames within restricted local address ranges. Remediation Upgra...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the webhook delivery process. An attacker can access internal network resources by supplying a webhook URL that follows redirects to hostnames within restricted local address ranges. Remediation Upgra...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the webhook delivery process. An attacker can access internal network resources by supplying a webhook URL that follows redirects to hostnames within restricted local address ranges. Remediation Upgra...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the webhook delivery process. An attacker can access internal network resources by supplying a webhook URL that follows redirects to hostnames within restricted local address ranges. Remediation Upgra...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF in the organization team member management process due to the lack of CSRF protection on GET requests. An attacker can gain organization owner–equivalent privileges by tricking a logged-in organization...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF in the organization team member management process due to the lack of CSRF protection on GET requests. An attacker can gain organization owner–equivalent privileges by tricking a logged-in organization...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade github.com/gogs/gogs/internal/form to...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade github.com/gogs/gogs/internal/route/repo ...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade gogs.io/gogs/internal/form to version...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade gogs.io/gogs/internal/route/api/v1/repo t...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SaveAddress function. An attacker can access unauthorized local repositories by providing a crafted repository address in the Mirror Settings. Remediation Upgrade gogs.io/gogs/internal/route/repo to versi...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via the redirectto parameter. An attacker can redirect users to arbitrary external sites by crafting URLs that bypass validation in the IsSameSite function, which only inspects the first two characters of the URL string an...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via the redirectto parameter. An attacker can redirect users to arbitrary external sites by crafting URLs that bypass validation in the IsSameSite function, which only inspects the first two characters of the URL string an...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the repository migration process. An attacker can access internal resources and exfiltrate sensitive repository contents by submitting a crafted URL that redirects to an internal endpoint during...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the repository migration process. An attacker can access internal resources and exfiltrate sensitive repository contents by submitting a crafted URL that redirects to an internal endpoint during...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the repository migration process. An attacker can access internal resources and exfiltrate sensitive repository contents by submitting a crafted URL that redirects to an internal endpoint during...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the repository migration process. An attacker can access internal resources and exfiltrate sensitive repository contents by submitting a crafted URL that redirects to an internal endpoint during...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the git rebase process when handling pull requests with specially crafted branch names that inject the --exec flag. An attacker can execute arbitrary commands on the server by submitting a malicious pull...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the git rebase process when handling pull requests with specially crafted branch names that inject the --exec flag. An attacker can execute arbitrary commands on the server by submitting a malicious pull...
Allocation of Resources Without Limits or Throttling
Overview github.com/gogs/gogs/internal/ssh is a painless self-hosted Git service Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the SSH handshake process. An attacker can exhaust available file descriptors and disrupt legitimate...
Allocation of Resources Without Limits or Throttling
Overview gogs.io/gogs/internal/ssh is a painless self-hosted Git service Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the SSH handshake process. An attacker can exhaust available file descriptors and disrupt legitimate access by...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade gogs.io/gogs/internal/database...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the ChangeCollaborationAccessMode function. An attacker can gain owner-level privileges by exploiting an off-by-one error when modifying collaboration access modes. Remediation Upgrade gogs.io/gogs/internal/route/re...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GET /attachments/:uuid process. An attacker can access sensitive attachment files by sending crafted requests to download attachments from private repositories without proper...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the GET /attachments/:uuid process. An attacker can access sensitive attachment files by sending crafted requests to download attachments from private repositories without proper...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /-/api/sanitizeipynb endpoint, which fails to properly restrict data URI schemes in Jupyter Notebook sanitization. An attacker can execute arbitrary JavaScript in the context of another user by submittin...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /-/api/sanitizeipynb endpoint, which fails to properly restrict data URI schemes in Jupyter Notebook sanitization. An attacker can execute arbitrary JavaScript in the context of another user by submittin...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the GET /api/v1/orgs/:orgname/teams endpoint, which returns organization team details without requiring authentication. An attacker can access sensitive information such as team IDs, name...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the GET /api/v1/orgs/:orgname/teams endpoint, which returns organization team details without requiring authentication. An attacker can access sensitive information such as team IDs, name...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /-/api/sanitizeipynb endpoint, which fails to properly restrict data URI schemes in Jupyter Notebook sanitization. An attacker can execute arbitrary JavaScript in the context of another user by submittin...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /-/api/sanitizeipynb endpoint, which fails to properly restrict data URI schemes in Jupyter Notebook sanitization. An attacker can execute arbitrary JavaScript in the context of another user by submittin...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to a variant of the "Miasma" supply chain attack targeting the LeoPlatform npm ecosystem. A malicious actor compromised a legitimate maintainer account and used it to publish infected versions of this...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to a variant of the "Miasma" supply chain attack targeting the LeoPlatform npm ecosystem. A malicious actor compromised a legitimate maintainer account and used it to publish infected versions of this...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to a variant of the "Miasma" supply chain attack targeting the LeoPlatform npm ecosystem. A malicious actor compromised a legitimate maintainer account and used it to publish infected versions of this...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to a variant of the "Miasma" supply chain attack targeting the LeoPlatform npm ecosystem. A malicious actor compromised a legitimate maintainer account and used it to publish infected versions of this...