Vulnerabilites related to gogs - gogs
Vulnerability from fkie_nvd
Published
2018-08-08 00:29
Modified
2024-11-21 03:50
Severity ?
Summary
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5364 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/gogs/gogs/pull/5365 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5364 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/pull/5365 | Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5A12227F-4CC1-4D7E-A306-A32AC4883567", versionEndExcluding: "0.12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.", }, { lang: "es", value: "Vulnerabilidad de redirección abierta en Gogs en versiones anteriores a la 0.12 permite que atacantes remotos redirijan a usuarios a sitios web arbitrarios y lleven a cabo ataques de phishing mediante una subcadena /\\ inicial en el parámetro redirect_to en user/login. Esto está relacionado con la función isValidRedirect en routes/user/auth.go.", }, ], id: "CVE-2018-15178", lastModified: "2024-11-21T03:50:28.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-08T00:29:02.583", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5364", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/5365", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5364", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/5365", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-601", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-02 14:15
Modified
2024-11-21 06:07
Severity ?
Summary
Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with "\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/releases | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/releases | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx | Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "95A31B26-0A2D-4BC0-AC6C-4342A81CC093", versionEndExcluding: "0.12.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with \"\\\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it).", }, { lang: "es", value: "Una falta de comprobación de entrada en el archivo internal/db/repo_editor.go en Gogs versiones anteriores a 0.12.8, permite a un atacante ejecutar código de forma remota. Un atacante no privilegiado (usuario registrado) puede sobrescribir la configuración de Git en su repositorio. Esto conlleva a una Ejecución de Comandos Remota, porque esa configuración puede contener una opción como sshCommand, que es ejecutado cuando una rama maestra es una rama remota (usando una URI ssh://). La rama remota también puede configurarse al editar el archivo de configuración de Git. Puede crearse un nuevo archivo en un nuevo repositorio, usando la interfaz gráfica de usuario, con \"\\ ~\" como su nombre, y luego cambiar el nombre de este archivo a .git / configuración con el contenido de la configuración personalizada (y luego guardarlo)", }, ], id: "CVE-2021-32546", lastModified: "2024-11-21T06:07:14.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-02T14:15:28.587", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/releases", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-16 14:15
Modified
2024-11-21 05:06
Severity ?
Summary
The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a "Product UI does not Warn User of Unsafe Actions" issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/ | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "2534B2F0-4CE5-4DA4-A352-5AC07C21EA03", versionEndIncluding: "0.12.2", versionStartIncluding: "0.5.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a \"Product UI does not Warn User of Unsafe Actions\" issue.", }, { lang: "es", value: "La característica de gancho git en Gogs versiones 0.5.5 hasta 0.12.2 permite la ejecución de código remoto autenticado. Puede haber una escalada de privilegios si el acceso a esta característica de gancho se concede a un usuario que no tiene privilegios administrativos. NOTA: debido a que esto se menciona en la documentación pero no en la interfaz de usuario, podría considerarse un problema de \"La interfaz de usuario del producto no advierte al usuario de acciones inseguras\"", }, ], id: "CVE-2020-15867", lastModified: "2024-11-21T05:06:20.747", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-16T14:15:11.627", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-11-04 05:29
Modified
2024-11-21 03:56
Severity ?
Summary
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5469 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5469 | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "19C82C8E-F556-4B88-BBC5-C2BB69C80723", versionEndIncluding: "0.11.66", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a \"..\" session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.", }, { lang: "es", value: "Gogs 0.11.66 permite la ejecución remota de código debido a que no valida correctamente los ID de sesión, tal y como queda demostrado por una falsificación de archivos de sesión \"..\" en el proveedor de sesión de archivos en file.go. Esto está relacionado con el manejo de ID de sesión en el código go-macaron/session para Macaron.", }, ], id: "CVE-2018-18925", lastModified: "2024-11-21T03:56:53.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-11-04T05:29:00.397", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5469", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-384", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-21 22:15
Modified
2024-11-21 05:40
Severity ?
Summary
Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5926 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5926 | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "EA2B75BE-EE0C-4E9B-8ACD-DD233A9EBAA7", versionEndIncluding: "0.11.91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.", }, { lang: "es", value: "Gogs versiones hasta 0.11.91, permite a atacantes violar la política de repo-creation especificada por el administrador debido a una condición de carrera interna del archivo /db/repo.go.", }, ], id: "CVE-2020-9329", lastModified: "2024-11-21T05:40:25.287", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-21T22:15:10.880", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5926", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5926", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-15 11:15
Modified
2024-11-19 14:47
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://huntr.com/bounties/9cd4e7b7-0979-4e5e-9a1c-388b58dea76b | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "DE99FDD7-1B59-4533-B5FA-F946D0C95630", versionEndIncluding: "0.12.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.", }, { lang: "es", value: "Existe una vulnerabilidad de ejecución remota de comandos en las versiones de gogs/gogs <=0.12.7 cuando se implementan en un servidor Windows. La vulnerabilidad surge debido a una validación incorrecta del parámetro `tree_path` durante la carga de archivos. Un atacante puede configurar `tree_path=.git.` para cargar un archivo en el directorio .git, lo que le permite escribir o reescribir el archivo `.git/config`. Si se configura `core.sshCommand`, esto puede provocar la ejecución remota de comandos.", }, ], id: "CVE-2022-1884", lastModified: "2024-11-19T14:47:48.443", metrics: { cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-11-15T11:15:07.803", references: [ { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.com/bounties/9cd4e7b7-0979-4e5e-9a1c-388b58dea76b", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-21 11:15
Modified
2024-11-21 06:38
Severity ?
Summary
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902 | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902 | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "8D0C289A-C304-438C-8AAA-2D84DA7C48B3", versionEndExcluding: "0.12.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.", }, { lang: "es", value: "Una Ejecución de Comandos Remota en la carga de un archivo de repositorio en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.6", }, ], id: "CVE-2022-0415", lastModified: "2024-11-21T06:38:34.820", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-21T11:15:10.757", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", }, { source: "security@huntr.dev", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-01 06:15
Modified
2024-11-21 06:40
Severity ?
Summary
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d | Exploit, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "95A31B26-0A2D-4BC0-AC6C-4342A81CC093", versionEndExcluding: "0.12.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.", }, { lang: "es", value: "Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.8", }, ], id: "CVE-2022-1285", lastModified: "2024-11-21T06:40:24.783", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.7, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-01T06:15:07.193", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", }, { source: "security@huntr.dev", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-11 11:15
Modified
2024-11-21 06:39
Severity ?
Summary
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531 | Exploit, Issue Tracking, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "BA3DD858-E721-489E-B886-56B23A6F6325", versionEndExcluding: "0.12.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.", }, { lang: "es", value: "Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.5", }, ], id: "CVE-2022-0870", lastModified: "2024-11-21T06:39:34.190", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 1.4, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-11T11:15:07.897", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", }, { source: "security@huntr.dev", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-09 17:15
Modified
2024-11-21 06:41
Severity ?
Summary
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD0C2A-2575-4160-90B2-D024A0A41B0A", versionEndExcluding: "0.12.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.", }, { lang: "es", value: "Una Inyección de comandos del Sistema Operativo en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.9", }, ], id: "CVE-2022-1986", lastModified: "2024-11-21T06:41:53.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-09T17:15:08.627", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", }, { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-04 16:15
Modified
2025-04-10 13:43
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Gogs through 0.13.0 allows deletion of internal files.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5634A605-49DE-459E-ADE6-2E65D89321BD", versionEndIncluding: "0.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows deletion of internal files.", }, { lang: "es", value: "Gogs hasta 0.13.0 permite la eliminación de archivos internos.", }, ], id: "CVE-2024-39931", lastModified: "2025-04-10T13:43:51.257", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-04T16:15:02.503", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-552", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-03 19:29
Modified
2024-11-21 03:52
Severity ?
Summary
In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5372 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5372 | Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:0.11.53:*:*:*:*:*:*:*", matchCriteriaId: "612D4EF5-DECD-4D10-8154-21B563353229", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.", }, { lang: "es", value: "En Gogs 0.11.53, un atacante puede emplear migrate para enviar peticiones HTTP GET arbitrarias, lo que conduce a Server-Side Request Forgery (SSRF).", }, ], id: "CVE-2018-16409", lastModified: "2024-11-21T03:52:41.667", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-03T19:29:01.243", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5372", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5372", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-09-14 02:29
Modified
2024-11-21 03:53
Severity ?
Summary
In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an "X-Content-Type-Options: nosniff" header is not sent.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5397 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5397 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:0.11.53:*:*:*:*:*:*:*", matchCriteriaId: "612D4EF5-DECD-4D10-8154-21B563353229", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an \"X-Content-Type-Options: nosniff\" header is not sent.", }, { lang: "es", value: "En Gogs 0.11.53, un atacante puede emplear un archivo .eml manipulado para desencadenar el rastreo de tipos MIME, lo que conduce a Cross-Site Scripting (XSS). Esto queda demostrado por Internet Explorer, debido a que no se envía una cabecera \"X-Content-Type-Options: nosniff\".", }, ], id: "CVE-2018-17031", lastModified: "2024-11-21T03:53:44.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-09-14T02:29:00.390", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5397", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5397", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-11 15:15
Modified
2024-11-21 07:05
Severity ?
Summary
In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnerabilitylab@mend.io | https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263 | Exploit, Third Party Advisory | |
| vulnerabilitylab@mend.io | https://www.mend.io/vulnerability-database/CVE-2022-32174 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mend.io/vulnerability-database/CVE-2022-32174 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "6422D77B-BAA8-472C-A3D2-88776374CE8B", versionEndIncluding: "0.12.10", versionStartIncluding: "0.6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.", }, { lang: "es", value: "En Gogs, las versiones v0.6.5 hasta v0.12.10, son vulnerables a un ataque de tipo Cross-Site Scripting (XSS) Almacenado que conlleva una toma de control de la cuenta", }, ], id: "CVE-2022-32174", lastModified: "2024-11-21T07:05:53.007", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-11T15:15:09.837", references: [ { source: "vulnerabilitylab@mend.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263", }, { source: "vulnerabilitylab@mend.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.mend.io/vulnerability-database/CVE-2022-32174", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.mend.io/vulnerability-database/CVE-2022-32174", }, ], sourceIdentifier: "vulnerabilitylab@mend.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "vulnerabilitylab@mend.io", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-09 17:15
Modified
2024-11-21 06:41
Severity ?
Summary
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD0C2A-2575-4160-90B2-D024A0A41B0A", versionEndExcluding: "0.12.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, { lang: "es", value: "Un Salto de Ruta en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.9", }, ], id: "CVE-2022-1993", lastModified: "2024-11-21T06:41:54.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 5.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-09T17:15:08.733", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", }, { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-08-08 02:29
Modified
2024-11-21 03:50
Severity ?
Summary
A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5367 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5367 | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:0.11.53:*:*:*:*:*:*:*", matchCriteriaId: "612D4EF5-DECD-4D10-8154-21B563353229", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.", }, { lang: "es", value: "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en el panel de administración en Gogs hasta la versión 0.11.53 permite que atacantes remotos ejecuten operaciones de administrador mediante un problema/enlace manipulado.", }, ], id: "CVE-2018-15193", lastModified: "2024-11-21T03:50:30.320", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-08T02:29:00.757", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5367", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-04 16:15
Modified
2025-04-11 15:14
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5634A605-49DE-459E-ADE6-2E65D89321BD", versionEndIncluding: "0.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.", }, { lang: "es", value: "El servidor SSH integrado de Gogs hasta la versión 0.13.0 permite la inyección de argumentos en internal/ssh/ssh.go, lo que lleva a la ejecución remota de código. Los atacantes autenticados pueden aprovechar esto abriendo una conexión SSH y enviando una solicitud env maliciosa de cadena dividida si el servidor SSH integrado está activado. Las instalaciones de Windows no se ven afectadas.", }, ], id: "CVE-2024-39930", lastModified: "2025-04-11T15:14:27.963", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-04T16:15:02.277", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.vicarius.io/vsociety/posts/argument-injection-in-gogs-ssh-server-cve-2024-39930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.vicarius.io/vsociety/posts/argument-injection-in-gogs-ssh-server-cve-2024-39930", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-23 16:15
Modified
2025-04-10 14:47
Severity ?
Summary
Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "E9DB90B8-6A27-4600-9A97-CA6A77BB4CA2", versionEndExcluding: "0.13.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", }, { lang: "es", value: "Gogs es un servicio Git autohospedado de código abierto. Un usuario malintencionado puede escribir un archivo en una ruta arbitraria del servidor para obtener acceso SSH al servidor. La vulnerabilidad se solucionó en 0.13.1.", }, ], id: "CVE-2024-55947", lastModified: "2025-04-10T14:47:42.700", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2024-12-23T16:15:07.253", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41", }, { source: "security-advisories@github.com", tags: [ "Issue Tracking", ], url: "https://github.com/gogs/gogs/issues/7582", }, { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/pull/7859", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg", }, { source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-20 00:29
Modified
2024-11-21 04:01
Severity ?
Summary
In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/gogs/gogs/issues/5558 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://pentesterlab.com/exercises/cve-2018-18925/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5558 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pentesterlab.com/exercises/cve-2018-18925/ | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "76D9F97B-6525-4671-B70A-025DAE48F051", versionEndExcluding: "0.11.82.1218", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.", }, { lang: "es", value: "En pkg/tool/path.go en Gogs en versiones anteriores a la 0.11.82.1218, un salto de directorio en la funcionalidad de subida de archivos puede permitir que un atacante cree un archivo en data/sessions en el servidor. Este problema es similar a CVE-2018-18925.", }, ], id: "CVE-2018-20303", lastModified: "2024-11-21T04:01:11.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-20T00:29:00.350", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5558", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://pentesterlab.com/exercises/cve-2018-18925/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5558", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://pentesterlab.com/exercises/cve-2018-18925/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-12-23 16:15
Modified
2025-04-10 14:48
Severity ?
Summary
Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "E9DB90B8-6A27-4600-9A97-CA6A77BB4CA2", versionEndExcluding: "0.13.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", }, { lang: "es", value: "Gogs es un servicio Git autohospedado de código abierto. Un usuario malintencionado puede enviar y editar un archivo de enlace simbólico manipulado en un repositorio para obtener acceso SSH al servidor. La vulnerabilidad se solucionó en 0.13.1.", }, ], id: "CVE-2024-54148", lastModified: "2025-04-10T14:48:03.227", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", availabilityRequirement: "NOT_DEFINED", baseScore: 8.7, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "LOW", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2024-12-23T16:15:07.010", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/commit/c94baec9ca923f38c19f0c7c5af722b9ec04022a", }, { source: "security-advisories@github.com", tags: [ "Issue Tracking", ], url: "https://github.com/gogs/gogs/issues/7582", }, { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/pull/7857", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-r7j8-5h9c-f6fx", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, { lang: "en", value: "CWE-61", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-09 17:15
Modified
2024-11-21 07:03
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/gogs/gogs/pull/7009 | Issue Tracking, Third Party Advisory | |
| security-advisories@github.com | https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/pull/7009 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2 | Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD0C2A-2575-4160-90B2-D024A0A41B0A", versionEndExcluding: "0.12.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.", }, { lang: "es", value: "Gogs es un servicio Git de código abierto auto alojado. En versiones de gogs anteriores a 0.12.9 \"DisplayName\" no filtra la entrada de caracteres de los usuarios, lo que conlleva a una vulnerabilidad de tipo XSS cuando es mostrado directamente en la lista de problemas. Este problema ha sido resuelto en el commit 155cae1d que sanea \"DisplayName\" antes de mostrarlo al usuario. Es recomendado a todos los usuarios de gogs actualizar. Los usuarios que no puedan actualizarse deberían comprobar si los nombres de pantalla de sus usuarios contienen caracteres maliciosos", }, ], id: "CVE-2022-31038", lastModified: "2024-11-21T07:03:45.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-09T17:15:09.917", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", }, { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/7009", }, { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/7009", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-06-09 17:15
Modified
2024-11-21 06:41
Severity ?
Summary
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "4DAD0C2A-2575-4160-90B2-D024A0A41B0A", versionEndExcluding: "0.12.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, { lang: "es", value: "Un Salto de Ruta en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.9", }, ], id: "CVE-2022-1992", lastModified: "2024-11-21T06:41:54.357", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 6, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-09T17:15:08.683", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", }, { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-04 16:15
Modified
2025-04-10 13:44
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Gogs through 0.13.0 allows argument injection during the previewing of changes.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/releases | Release Notes | |
| cve@mitre.org | https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/ | Third Party Advisory, Exploit, Mitigation | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/releases | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/ | Third Party Advisory, Exploit, Mitigation |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5634A605-49DE-459E-ADE6-2E65D89321BD", versionEndIncluding: "0.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows argument injection during the previewing of changes.", }, { lang: "es", value: "Gogs hasta 0.13.0 permite la inyección de argumentos durante la vista previa de los cambios.", }, ], id: "CVE-2024-39932", lastModified: "2025-04-10T13:44:52.103", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-04T16:15:02.707", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Exploit", "Mitigation", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Exploit", "Mitigation", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-05 14:15
Modified
2024-11-21 06:40
Severity ?
Summary
Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d | Exploit, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "29733251-D132-49EF-A387-88B54749F501", versionEndExcluding: "0.12.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .", }, { lang: "es", value: "Un bug de tipo xss almacenado en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.7. Como el repositorio es público, cualquier usuario puede visualizar el informe y cuando abre el archivo adjunto es ejecutado el ataque de tipo xss. Este error permite ejecutar cualquier código javascript en la cuenta de la víctima", }, ], id: "CVE-2022-1464", lastModified: "2024-11-21T06:40:46.477", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-05-05T14:15:08.010", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", }, { source: "security@huntr.dev", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security@huntr.dev", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-07-04 16:15
Modified
2025-04-10 13:45
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
Gogs through 0.13.0 allows argument injection during the tagging of a new release.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/releases | Release Notes | |
| cve@mitre.org | https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/ | Third Party Advisory, Exploit, Mitigation | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/releases | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/ | Third Party Advisory, Exploit, Mitigation |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5634A605-49DE-459E-ADE6-2E65D89321BD", versionEndIncluding: "0.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows argument injection during the tagging of a new release.", }, { lang: "es", value: "Gogs hasta 0.13.0 permite la inyección de argumentos durante el etiquetado de una nueva versión.", }, ], id: "CVE-2024-39933", lastModified: "2025-04-10T13:45:38.273", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-04T16:15:02.900", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "Exploit", "Mitigation", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/gogs/gogs/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "Exploit", "Mitigation", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-25 08:15
Modified
2024-11-21 07:00
Severity ?
Summary
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "57BD1B53-2A2C-47F5-892D-1C4880E5B1B9", versionEndExcluding: "0.12.11", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.", }, ], id: "CVE-2022-2024", lastModified: "2024-11-21T07:00:11.533", metrics: { cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-02-25T08:15:09.817", references: [ { source: "security@huntr.dev", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41", }, { source: "security@huntr.dev", tags: [ "Exploit", "Patch", ], url: "https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "security@huntr.dev", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-11-15 17:15
Modified
2024-11-21 09:36
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://fysac.github.io/posts/2024/11/unpatched-remote-code-execution-in-gogs/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://gogs.io/ | Product |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "5634A605-49DE-459E-ADE6-2E65D89321BD", versionEndIncluding: "0.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.", }, { lang: "es", value: "Gogs <=0.13.0 es vulnerable a la navegación de Directory Traversal de la función editFilePost de internal/route/repo/editor.go.", }, ], id: "CVE-2024-44625", lastModified: "2024-11-21T09:36:48.733", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2024-11-15T17:15:20.260", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://fysac.github.io/posts/2024/11/unpatched-remote-code-execution-in-gogs/", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://gogs.io/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-08-08 02:29
Modified
2024-11-21 03:50
Severity ?
Summary
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/go-gitea/gitea/issues/4624 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/gogs/gogs/issues/5366 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/go-gitea/gitea/issues/4624 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5366 | Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gitea:gitea:*:*:*:*:*:*:*:*", matchCriteriaId: "A245EAFE-88C9-470E-9B7A-F8D32F25E2A2", versionEndExcluding: "1.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:gitea:gitea:1.5.0:rc1:*:*:*:*:*:*", matchCriteriaId: "874A1062-D5F9-4601-9DE0-4D205DF0E29A", vulnerable: true, }, { criteria: "cpe:2.3:a:gitea:gitea:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "9A2A9763-A3D0-447F-8D7E-3E12AB28E6C0", vulnerable: true, }, { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "D983AEBA-5615-4545-871A-1C17FC38FA1C", versionEndIncluding: "0.11.53", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.", }, { lang: "es", value: "Una vulnerabilidad de Server-Side Request Forgery (SSRF) en webhooks en Gitea hasta la versión 1.5.0-rc2 y Gogs hasta la versión 0.11.53 permite que los atacantes remotos accedan a los servicios de la intranet.", }, ], id: "CVE-2018-15192", lastModified: "2024-11-21T03:50:30.170", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-08T02:29:00.273", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/go-gitea/gitea/issues/4624", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/go-gitea/gitea/issues/4624", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5366", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-03-11 12:15
Modified
2024-11-21 06:39
Severity ?
Summary
Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@huntr.dev | https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78 | Patch, Third Party Advisory | |
| security@huntr.dev | https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62 | Exploit, Issue Tracking, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", matchCriteriaId: "BA3DD858-E721-489E-B886-56B23A6F6325", versionEndExcluding: "0.12.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.", }, { lang: "es", value: "Una Autorización Inapropiada en el repositorio de GitHub gogs/gogs versiones anteriores a 0.12.5", }, ], id: "CVE-2022-0871", lastModified: "2024-11-21T06:39:34.323", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-11T12:15:07.667", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78", }, { source: "security@huntr.dev", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "security@huntr.dev", type: "Primary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-02 22:15
Modified
2024-11-21 04:26
Severity ?
Summary
routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/issues/5764 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/5764 | Issue Tracking, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:0.11.86:*:*:*:*:*:*:*", matchCriteriaId: "82A53A05-6C38-4E68-8C83-BD7541B3815B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.", }, { lang: "es", value: "En el archivo routes/api/v1/api.go en Gogs versión 0.11.86, carece de comprobaciones de permisos para las rutas: deploy keys, collaborators y hooks.", }, ], id: "CVE-2019-14544", lastModified: "2024-11-21T04:26:56.217", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-02T22:15:14.457", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5764", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/issues/5764", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-21 20:15
Modified
2024-11-21 05:04
Severity ?
Summary
In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/gogs/gogs/pull/5988 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/pull/5988 | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gogs:gogs:0.11.91:*:*:*:*:*:*:*", matchCriteriaId: "410CBAD0-A40A-4F7D-845C-4C218F7FAA6C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a \"not the owner of the email\" check.", }, { lang: "es", value: "En Gogs versión 0.11.91, la función MakeEmailPrimary en el archivo models/user_mail.go carece de una comprobación de \"not the owner of the email\"", }, ], id: "CVE-2020-14958", lastModified: "2024-11-21T05:04:31.060", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-21T20:15:09.533", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/5988", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/gogs/gogs/pull/5988", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-281", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2022-2024 (GCVE-0-2022-2024)
Vulnerability from cvelistv5
Published
2023-02-25 00:00
Modified
2025-03-11 15:39
Severity ?
EPSS score ?
Summary
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.184Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97", }, { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-2024", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-11T15:39:21.393919Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-11T15:39:29.120Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.11", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-25T00:00:00.000Z", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { url: "https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97", }, { url: "https://github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41", }, ], source: { advisory: "18cf9256-23ab-4098-a769-85f8da130f97", discovery: "EXTERNAL", }, title: "OS Command Injection in gogs/gogs", }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-2024", datePublished: "2023-02-25T00:00:00.000Z", dateReserved: "2022-06-08T00:00:00.000Z", dateUpdated: "2025-03-11T15:39:29.120Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-39932 (GCVE-0-2024-39932)
Vulnerability from cvelistv5
Published
2024-07-04 00:00
Modified
2024-08-02 04:33
Severity ?
EPSS score ?
Summary
Gogs through 0.13.0 allows argument injection during the previewing of changes.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { status: "affected", version: "0.13.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39932", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-05T13:59:14.874329Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-05T14:01:48.922Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:33:11.786Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_transferred", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows argument injection during the previewing of changes.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-04T15:42:21.706780", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/gogs/gogs/releases", }, { url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-39932", datePublished: "2024-07-04T00:00:00", dateReserved: "2024-07-04T00:00:00", dateUpdated: "2024-08-02T04:33:11.786Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-15193 (GCVE-0-2018-15193)
Vulnerability from cvelistv5
Published
2018-08-08 02:00
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5367 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:46:25.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-08T02:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5367", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15193", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5367", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5367", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15193", datePublished: "2018-08-08T02:00:00Z", dateReserved: "2018-08-07T00:00:00Z", dateUpdated: "2024-09-16T19:05:24.057Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-54148 (GCVE-0-2024-54148)
Vulnerability from cvelistv5
Published
2024-12-23 15:22
Modified
2024-12-24 01:52
Severity ?
EPSS score ?
Summary
Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/security/advisories/GHSA-r7j8-5h9c-f6fx | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/issues/7582 | x_refsource_MISC | |
| https://github.com/gogs/gogs/pull/7857 | x_refsource_MISC | |
| https://github.com/gogs/gogs/commit/c94baec9ca923f38c19f0c7c5af722b9ec04022a | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-54148", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-12-24T01:52:15.112862Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-24T01:52:58.173Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "gogs", vendor: "gogs", versions: [ { status: "affected", version: "< 0.13.1", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.7, baseSeverity: "HIGH", privilegesRequired: "LOW", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-61", description: "CWE-61: UNIX Symbolic Link (Symlink) Following", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-23T15:22:48.244Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/gogs/gogs/security/advisories/GHSA-r7j8-5h9c-f6fx", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-r7j8-5h9c-f6fx", }, { name: "https://github.com/gogs/gogs/issues/7582", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/7582", }, { name: "https://github.com/gogs/gogs/pull/7857", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/pull/7857", }, { name: "https://github.com/gogs/gogs/commit/c94baec9ca923f38c19f0c7c5af722b9ec04022a", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/c94baec9ca923f38c19f0c7c5af722b9ec04022a", }, ], source: { advisory: "GHSA-r7j8-5h9c-f6fx", discovery: "UNKNOWN", }, title: "Gogs has a Path Traversal in file editing UI", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-54148", datePublished: "2024-12-23T15:22:48.244Z", dateReserved: "2024-11-29T18:02:16.756Z", dateUpdated: "2024-12-24T01:52:58.173Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1992 (GCVE-0-2022-1992)
Vulnerability from cvelistv5
Published
2022-06-08 13:30
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:43.718Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.9", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-08T13:30:14", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", }, ], source: { advisory: "2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", discovery: "EXTERNAL", }, title: "Path Traversal in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1992", STATE: "PUBLIC", TITLE: "Path Traversal in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.9", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", refsource: "CONFIRM", url: "https://huntr.dev/bounties/2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", }, { name: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/2ca014250fbf0bba94c914d9e43b1f6d8eca3bb0", }, ], }, source: { advisory: "2e8cdc57-a9cf-46ae-9088-87f09e6c90ab", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1992", datePublished: "2022-06-08T13:30:14", dateReserved: "2022-06-03T00:00:00", dateUpdated: "2024-08-03T00:24:43.718Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-39930 (GCVE-0-2024-39930)
Vulnerability from cvelistv5
Published
2024-07-04 00:00
Modified
2024-08-28 15:22
Severity ?
EPSS score ?
Summary
The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-19T07:47:42.608Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_transferred", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { url: "https://www.vicarius.io/vsociety/posts/argument-injection-in-gogs-ssh-server-cve-2024-39930", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "0.13.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39930", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-12T18:33:50.332021Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-88", description: "CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-12T18:39:08.150Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-28T15:22:31.592925", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/gogs/gogs/releases", }, { url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, { url: "https://www.vicarius.io/vsociety/posts/argument-injection-in-gogs-ssh-server-cve-2024-39930", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-39930", datePublished: "2024-07-04T00:00:00", dateReserved: "2024-07-04T00:00:00", dateUpdated: "2024-08-28T15:22:31.592925", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-15192 (GCVE-0-2018-15192)
Vulnerability from cvelistv5
Published
2018-08-08 02:00
Modified
2024-09-16 17:22
Severity ?
EPSS score ?
Summary
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5366 | x_refsource_MISC | |
| https://github.com/go-gitea/gitea/issues/4624 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:46:25.386Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5366", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/go-gitea/gitea/issues/4624", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-08T02:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5366", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/go-gitea/gitea/issues/4624", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15192", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5366", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5366", }, { name: "https://github.com/go-gitea/gitea/issues/4624", refsource: "MISC", url: "https://github.com/go-gitea/gitea/issues/4624", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15192", datePublished: "2018-08-08T02:00:00Z", dateReserved: "2018-08-07T00:00:00Z", dateUpdated: "2024-09-16T17:22:51.053Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-15867 (GCVE-0-2020-15867)
Vulnerability from cvelistv5
Published
2020-10-16 13:04
Modified
2024-08-04 13:30
Severity ?
EPSS score ?
Summary
The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a "Product UI does not Warn User of Unsafe Actions" issue.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:30:22.979Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a \"Product UI does not Warn User of Unsafe Actions\" issue.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-07T23:06:25", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-15867", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a \"Product UI does not Warn User of Unsafe Actions\" issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", refsource: "MISC", url: "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/", }, { name: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/162123/Gogs-Git-Hooks-Remote-Code-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-15867", datePublished: "2020-10-16T13:04:43", dateReserved: "2020-07-21T00:00:00", dateUpdated: "2024-08-04T13:30:22.979Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-44625 (GCVE-0-2024-44625)
Vulnerability from cvelistv5
Published
2024-11-15 00:00
Modified
2024-11-20 20:20
Severity ?
EPSS score ?
Summary
Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "0.13.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2024-44625", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T20:17:42.168454Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-20T20:20:11.482Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-15T16:54:07.175505", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://gogs.io/", }, { url: "https://fysac.github.io/posts/2024/11/unpatched-remote-code-execution-in-gogs/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-44625", datePublished: "2024-11-15T00:00:00", dateReserved: "2024-08-21T00:00:00", dateUpdated: "2024-11-20T20:20:11.482Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1993 (GCVE-0-2022-1993)
Vulnerability from cvelistv5
Published
2022-06-08 13:55
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.031Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.9", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-08T13:55:11", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", }, ], source: { advisory: "22f9c074-cf60-4c67-b5c4-72fdf312609d", discovery: "EXTERNAL", }, title: "Path Traversal in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1993", STATE: "PUBLIC", TITLE: "Path Traversal in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.9", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", refsource: "CONFIRM", url: "https://huntr.dev/bounties/22f9c074-cf60-4c67-b5c4-72fdf312609d", }, { name: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/9bf748b6c4c9a17d3aa77f6b9abcfae65451febf", }, ], }, source: { advisory: "22f9c074-cf60-4c67-b5c4-72fdf312609d", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1993", datePublished: "2022-06-08T13:55:11", dateReserved: "2022-06-03T00:00:00", dateUpdated: "2024-08-03T00:24:44.031Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-14958 (GCVE-0-2020-14958)
Vulnerability from cvelistv5
Published
2020-06-21 19:57
Modified
2024-08-04 13:00
Severity ?
EPSS score ?
Summary
In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c | x_refsource_MISC | |
| https://github.com/gogs/gogs/pull/5988 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:00:52.064Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/pull/5988", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a \"not the owner of the email\" check.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-21T19:57:21", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/pull/5988", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-14958", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a \"not the owner of the email\" check.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/82ff0c5852f29daa5f95d965fd50665581e7ea3c", }, { name: "https://github.com/gogs/gogs/pull/5988", refsource: "MISC", url: "https://github.com/gogs/gogs/pull/5988", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-14958", datePublished: "2020-06-21T19:57:21", dateReserved: "2020-06-21T00:00:00", dateUpdated: "2024-08-04T13:00:52.064Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-32546 (GCVE-0-2021-32546)
Vulnerability from cvelistv5
Published
2022-05-31 21:21
Modified
2024-08-03 23:25
Severity ?
EPSS score ?
Summary
Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with "\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it).
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/releases | x_refsource_MISC | |
| https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:25:30.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with \"\\\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-31T21:21:18", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-32546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Missing input validation in internal/db/repo_editor.go in Gogs before 0.12.8 allows an attacker to execute code remotely. An unprivileged attacker (registered user) can overwrite the Git configuration in his repository. This leads to Remote Command Execution, because that configuration can contain an option such as sshCommand, which is executed when a master branch is a remote branch (using an ssh:// URI). The remote branch can also be configured by editing the Git configuration file. One can create a new file in a new repository, using the GUI, with \"\\\" as its name, and then rename this file to .git/config with the custom configuration content (and then save it).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/releases", refsource: "MISC", url: "https://github.com/gogs/gogs/releases", }, { name: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", refsource: "MISC", url: "https://github.com/gogs/gogs/security/advisories/GHSA-56j7-2pm8-rgmx", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-32546", datePublished: "2022-05-31T21:21:18", dateReserved: "2021-05-10T00:00:00", dateUpdated: "2024-08-03T23:25:30.533Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-39933 (GCVE-0-2024-39933)
Vulnerability from cvelistv5
Published
2024-07-04 00:00
Modified
2024-08-02 04:33
Severity ?
EPSS score ?
Summary
Gogs through 0.13.0 allows argument injection during the tagging of a new release.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "0.13.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39933", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-11T20:46:31.663411Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-88", description: "CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-11T20:48:53.290Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:33:11.513Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_transferred", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows argument injection during the tagging of a new release.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-04T15:42:05.057581", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/gogs/gogs/releases", }, { url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-39933", datePublished: "2024-07-04T00:00:00", dateReserved: "2024-07-04T00:00:00", dateUpdated: "2024-08-02T04:33:11.513Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-0871 (GCVE-0-2022-0871)
Vulnerability from cvelistv5
Published
2022-03-11 00:00
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:40:04.494Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62", }, { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-29T00:00:00", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { url: "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62", }, { url: "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78", }, ], source: { advisory: "ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62", discovery: "EXTERNAL", }, title: "Missing Authorization in gogs/gogs", }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0871", datePublished: "2022-03-11T00:00:00", dateReserved: "2022-03-06T00:00:00", dateUpdated: "2024-08-02T23:40:04.494Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-17031 (GCVE-0-2018-17031)
Vulnerability from cvelistv5
Published
2018-09-14 02:00
Modified
2024-08-05 10:39
Severity ?
EPSS score ?
Summary
In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an "X-Content-Type-Options: nosniff" header is not sent.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5397 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:39:59.632Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5397", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-13T00:00:00", descriptions: [ { lang: "en", value: "In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an \"X-Content-Type-Options: nosniff\" header is not sent.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-14T02:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5397", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-17031", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an \"X-Content-Type-Options: nosniff\" header is not sent.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5397", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5397", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-17031", datePublished: "2018-09-14T02:00:00", dateReserved: "2018-09-13T00:00:00", dateUpdated: "2024-08-05T10:39:59.632Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-31038 (GCVE-0-2022-31038)
Vulnerability from cvelistv5
Published
2022-06-08 17:40
Modified
2024-08-03 07:03
Severity ?
EPSS score ?
Summary
Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2 | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/pull/7009 | x_refsource_MISC | |
| https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:03:40.294Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/pull/7009", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs", vendor: "gogs", versions: [ { status: "affected", version: "< 0.12.9", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-08T17:40:11", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/pull/7009", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", }, ], source: { advisory: "GHSA-xq4v-vrp9-vcf2", discovery: "UNKNOWN", }, title: "XSS vulnerability in repository issue list in Gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-31038", STATE: "PUBLIC", TITLE: "XSS vulnerability in repository issue list in Gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs", version: { version_data: [ { version_value: "< 0.12.9", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", refsource: "CONFIRM", url: "https://github.com/gogs/gogs/security/advisories/GHSA-xq4v-vrp9-vcf2", }, { name: "https://github.com/gogs/gogs/pull/7009", refsource: "MISC", url: "https://github.com/gogs/gogs/pull/7009", }, { name: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/155cae1de8916fc3fde78f350763034b7422caee", }, ], }, source: { advisory: "GHSA-xq4v-vrp9-vcf2", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31038", datePublished: "2022-06-08T17:40:11", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:03:40.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1464 (GCVE-0-2022-1464)
Vulnerability from cvelistv5
Published
2022-05-05 13:45
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:03:06.270Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.7", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-05T13:45:12", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", }, ], source: { advisory: "34a12146-3a5d-4efc-a0f8-7a3ae04b198d", discovery: "EXTERNAL", }, title: "Stored xss bug in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1464", STATE: "PUBLIC", TITLE: "Stored xss bug in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.7", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", refsource: "CONFIRM", url: "https://huntr.dev/bounties/34a12146-3a5d-4efc-a0f8-7a3ae04b198d", }, { name: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/bc77440b301ac8780698be91dff1ac33b7cee850", }, ], }, source: { advisory: "34a12146-3a5d-4efc-a0f8-7a3ae04b198d", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1464", datePublished: "2022-05-05T13:45:12", dateReserved: "2022-04-25T00:00:00", dateUpdated: "2024-08-03T00:03:06.270Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-9329 (GCVE-0-2020-9329)
Vulnerability from cvelistv5
Published
2020-02-21 21:58
Modified
2024-08-04 10:26
Severity ?
EPSS score ?
Summary
Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5926 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:26:16.073Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5926", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-21T21:58:23", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5926", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-9329", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5926", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5926", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-9329", datePublished: "2020-02-21T21:58:23", dateReserved: "2020-02-21T00:00:00", dateUpdated: "2024-08-04T10:26:16.073Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-0415 (GCVE-0-2022-0415)
Vulnerability from cvelistv5
Published
2022-03-21 10:45
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902 | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:25:40.311Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-21T10:45:13", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", }, ], source: { advisory: "b4928cfe-4110-462f-a180-6d5673797902", discovery: "EXTERNAL", }, title: "Remote Command Execution in uploading repository file in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0415", STATE: "PUBLIC", TITLE: "Remote Command Execution in uploading repository file in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.6", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", refsource: "CONFIRM", url: "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902", }, { name: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284", }, ], }, source: { advisory: "b4928cfe-4110-462f-a180-6d5673797902", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0415", datePublished: "2022-03-21T10:45:13", dateReserved: "2022-01-30T00:00:00", dateUpdated: "2024-08-02T23:25:40.311Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1884 (GCVE-0-2022-1884)
Vulnerability from cvelistv5
Published
2024-11-15 10:53
Modified
2024-11-15 19:15
Severity ?
EPSS score ?
Summary
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "0.12.7", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2022-1884", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T19:13:14.910217Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T19:15:02.353Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "latest", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-15T10:53:00.844Z", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntr_ai", }, references: [ { url: "https://huntr.com/bounties/9cd4e7b7-0979-4e5e-9a1c-388b58dea76b", }, ], source: { advisory: "9cd4e7b7-0979-4e5e-9a1c-388b58dea76b", discovery: "EXTERNAL", }, title: "Remote Command Execution in gogs/gogs", }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntr_ai", cveId: "CVE-2022-1884", datePublished: "2024-11-15T10:53:00.844Z", dateReserved: "2022-05-25T12:20:16.450Z", dateUpdated: "2024-11-15T19:15:02.353Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-18925 (GCVE-0-2018-18925)
Vulnerability from cvelistv5
Published
2018-11-04 06:00
Modified
2024-08-05 11:23
Severity ?
EPSS score ?
Summary
Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5469 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:23:08.566Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5469", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-11-04T00:00:00", descriptions: [ { lang: "en", value: "Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a \"..\" session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-11-04T06:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5469", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-18925", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a \"..\" session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5469", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5469", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-18925", datePublished: "2018-11-04T06:00:00", dateReserved: "2018-11-04T00:00:00", dateUpdated: "2024-08-05T11:23:08.566Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1986 (GCVE-0-2022-1986)
Vulnerability from cvelistv5
Published
2022-06-09 03:35
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930 | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.142Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.9", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-09T03:35:11", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", }, ], source: { advisory: "776e8f29-ff5e-4501-bb9f-0bd335007930", discovery: "EXTERNAL", }, title: "OS Command Injection in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1986", STATE: "PUBLIC", TITLE: "OS Command Injection in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.9", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 10, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-78 Improper Neutralization of Special Elements used in an OS Command", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", refsource: "CONFIRM", url: "https://huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930", }, { name: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82", }, ], }, source: { advisory: "776e8f29-ff5e-4501-bb9f-0bd335007930", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1986", datePublished: "2022-06-09T03:35:11", dateReserved: "2022-06-03T00:00:00", dateUpdated: "2024-08-03T00:24:44.142Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-15178 (GCVE-0-2018-15178)
Vulnerability from cvelistv5
Published
2018-08-08 00:00
Modified
2024-08-05 09:46
Severity ?
EPSS score ?
Summary
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5364 | x_refsource_MISC | |
| https://github.com/gogs/gogs/pull/5365 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T09:46:25.373Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5364", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/pull/5365", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-08-07T00:00:00", descriptions: [ { lang: "en", value: "Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-08T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5364", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/pull/5365", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-15178", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5364", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5364", }, { name: "https://github.com/gogs/gogs/pull/5365", refsource: "MISC", url: "https://github.com/gogs/gogs/pull/5365", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-15178", datePublished: "2018-08-08T00:00:00", dateReserved: "2018-08-07T00:00:00", dateUpdated: "2024-08-05T09:46:25.373Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-16409 (GCVE-0-2018-16409)
Vulnerability from cvelistv5
Published
2018-09-03 19:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5372 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.453Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5372", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-09-03T00:00:00", descriptions: [ { lang: "en", value: "In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-09-03T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5372", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16409", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5372", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5372", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16409", datePublished: "2018-09-03T19:00:00", dateReserved: "2018-09-03T00:00:00", dateUpdated: "2024-08-05T10:24:32.453Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-55947 (GCVE-0-2024-55947)
Vulnerability from cvelistv5
Published
2024-12-23 15:26
Modified
2024-12-24 15:59
Severity ?
EPSS score ?
Summary
Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/issues/7582 | x_refsource_MISC | |
| https://github.com/gogs/gogs/pull/7859 | x_refsource_MISC | |
| https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41 | x_refsource_MISC |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-55947", options: [ { Exploitation: "poc", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-24T15:58:34.175956Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-24T15:59:02.793Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "exploit", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "gogs", vendor: "gogs", versions: [ { status: "affected", version: "< 0.13.1", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 8.7, baseSeverity: "HIGH", privilegesRequired: "LOW", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-23T15:26:47.507Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg", }, { name: "https://github.com/gogs/gogs/issues/7582", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/7582", }, { name: "https://github.com/gogs/gogs/pull/7859", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/pull/7859", }, { name: "https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41", tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41", }, ], source: { advisory: "GHSA-qf5v-rp47-55gg", discovery: "UNKNOWN", }, title: "Gogs has a Path Traversal in file update API", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-55947", datePublished: "2024-12-23T15:26:47.507Z", dateReserved: "2024-12-13T17:39:32.960Z", dateUpdated: "2024-12-24T15:59:02.793Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-20303 (GCVE-0-2018-20303)
Vulnerability from cvelistv5
Published
2018-12-20 00:00
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce | x_refsource_MISC | |
| https://pentesterlab.com/exercises/cve-2018-18925/ | x_refsource_MISC | |
| https://github.com/gogs/gogs/issues/5558 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:58:18.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pentesterlab.com/exercises/cve-2018-18925/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5558", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-12-19T00:00:00", descriptions: [ { lang: "en", value: "In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-20T00:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", }, { tags: [ "x_refsource_MISC", ], url: "https://pentesterlab.com/exercises/cve-2018-18925/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5558", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20303", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/ff93d9dbda5cebe90d86e4b7dfb2c6b8642970ce", }, { name: "https://pentesterlab.com/exercises/cve-2018-18925/", refsource: "MISC", url: "https://pentesterlab.com/exercises/cve-2018-18925/", }, { name: "https://github.com/gogs/gogs/issues/5558", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5558", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20303", datePublished: "2018-12-20T00:00:00", dateReserved: "2018-12-19T00:00:00", dateUpdated: "2024-08-05T11:58:18.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14544 (GCVE-0-2019-14544)
Vulnerability from cvelistv5
Published
2019-08-02 21:17
Modified
2024-08-05 00:19
Severity ?
EPSS score ?
Summary
routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gogs/gogs/issues/5764 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:19:41.271Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/issues/5764", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-08-02T21:17:37", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/issues/5764", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14544", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/gogs/gogs/issues/5764", refsource: "MISC", url: "https://github.com/gogs/gogs/issues/5764", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14544", datePublished: "2019-08-02T21:17:37", dateReserved: "2019-08-02T00:00:00", dateUpdated: "2024-08-05T00:19:41.271Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-39931 (GCVE-0-2024-39931)
Vulnerability from cvelistv5
Published
2024-07-04 00:00
Modified
2024-08-02 04:33
Severity ?
EPSS score ?
Summary
Gogs through 0.13.0 allows deletion of internal files.
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "gogs", vendor: "gogs", versions: [ { lessThanOrEqual: "0.13.0", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-39931", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-07-08T16:36:45.493589Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-08T16:43:49.073Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T04:33:11.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/releases", }, { tags: [ "x_transferred", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Gogs through 0.13.0 allows deletion of internal files.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:C/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-04T15:42:41.479663", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/gogs/gogs/releases", }, { url: "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-39931", datePublished: "2024-07-04T00:00:00", dateReserved: "2024-07-04T00:00:00", dateUpdated: "2024-08-02T04:33:11.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-0870 (GCVE-0-2022-0870)
Vulnerability from cvelistv5
Published
2022-03-11 10:40
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531 | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:40:04.563Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-11T10:40:08", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", }, ], source: { advisory: "327797d7-ae41-498f-9bff-cc0bf98cf531", discovery: "EXTERNAL", }, title: "Server-Side Request Forgery (SSRF) in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0870", STATE: "PUBLIC", TITLE: "Server-Side Request Forgery (SSRF) in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.5", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-918 Server-Side Request Forgery (SSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", refsource: "CONFIRM", url: "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531", }, { name: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb", }, ], }, source: { advisory: "327797d7-ae41-498f-9bff-cc0bf98cf531", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0870", datePublished: "2022-03-11T10:40:09", dateReserved: "2022-03-06T00:00:00", dateUpdated: "2024-08-02T23:40:04.563Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-1285 (GCVE-0-2022-1285)
Vulnerability from cvelistv5
Published
2022-06-01 05:55
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d | x_refsource_CONFIRM | |
| https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.665Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs/gogs", vendor: "gogs", versions: [ { lessThan: "0.12.8", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-01T05:55:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", }, ], source: { advisory: "da1fbd6e-7a02-458e-9c2e-6d226c47046d", discovery: "EXTERNAL", }, title: "Server-Side Request Forgery (SSRF) in gogs/gogs", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1285", STATE: "PUBLIC", TITLE: "Server-Side Request Forgery (SSRF) in gogs/gogs", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gogs/gogs", version: { version_data: [ { version_affected: "<", version_value: "0.12.8", }, ], }, }, ], }, vendor_name: "gogs", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-918 Server-Side Request Forgery (SSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", refsource: "CONFIRM", url: "https://huntr.dev/bounties/da1fbd6e-7a02-458e-9c2e-6d226c47046d", }, { name: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", refsource: "MISC", url: "https://github.com/gogs/gogs/commit/7885f454a4946c4bbec1b4f8c603b5eea7429c7f", }, ], }, source: { advisory: "da1fbd6e-7a02-458e-9c2e-6d226c47046d", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1285", datePublished: "2022-06-01T05:55:10", dateReserved: "2022-04-09T00:00:00", dateUpdated: "2024-08-02T23:55:24.665Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2022-32174 (GCVE-0-2022-32174)
Vulnerability from cvelistv5
Published
2022-10-11 14:20
Modified
2024-09-16 16:47
Severity ?
EPSS score ?
Summary
In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:55.973Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.mend.io/vulnerability-database/CVE-2022-32174", }, { tags: [ "x_transferred", ], url: "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "gogs", vendor: "gogs", versions: [ { lessThan: "unspecified", status: "affected", version: "v0.6.5", versionType: "custom", }, { lessThanOrEqual: "v0.12.10", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Mend Vulnerability Research Team (MVR)", }, ], datePublic: "2022-10-06T00:00:00", descriptions: [ { lang: "en", value: "In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.", }, ], metrics: [ { other: { content: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: 3.1, }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-11T00:00:00", orgId: "478c68dd-22c1-4a41-97cd-654224dfacff", shortName: "Mend", }, references: [ { url: "https://www.mend.io/vulnerability-database/CVE-2022-32174", }, { url: "https://github.com/gogs/gogs/blob/v0.12.10/public/js/gogs.js#L263", }, ], source: { advisory: "https://www.mend.io/vulnerability-database/", discovery: "UNKNOWN", }, title: "Gogs - XSS", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "478c68dd-22c1-4a41-97cd-654224dfacff", assignerShortName: "Mend", cveId: "CVE-2022-32174", datePublished: "2022-10-11T14:20:16.527225Z", dateReserved: "2022-05-31T00:00:00", dateUpdated: "2024-09-16T16:47:35.539Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }