Total
42 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15192 | 2 Gitea, Gogs | 2 Gitea, Gogs | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. | |||||
| CVE-2018-1000803 | 1 Gitea | 1 Gitea | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability that can result in Exposure of users private email addresses. This attack appear to be exploitable via Watch a repository to receive email notifications. Emails received contain the other recipients even if they have the email set as private. This vulnerability appears to have been fixed in 1.5.1. | |||||