Skip to content

x/vulndb: potential Go vuln in github.com/go-gitea/gitea: CVE-2022-30781 #450

New issue
New issue
Closed
Closed
x/vulndb: potential Go vuln in github.com/go-gitea/gitea: CVE-2022-30781#450
Labels
excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.
@GoVulnBot

Description

@GoVulnBot
GoVulnBot
opened on May 16, 2022

CVE-2022-30781 references github.com/go-gitea/gitea, which may be a Go module.

Description:
Gitea before 1.6.7 does not escape git fetch remote.

Links:

See doc/triage.md for instructions on how to triage this report.

module: github.com/go-gitea/gitea
package: n/a
description: |
    Gitea before 1.6.7 does not escape git fetch remote.
cves:
  - CVE-2022-30781
links:
    pr: https://github.com/go-gitea/gitea/pull/19487
    context:
      - https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/

Metadata

Metadata

Assignees

No one assigned

    Labels

    excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions