CVE-2022-0905Missing Authorization in Gitea

CWE-862Missing Authorization4 documents3 sources
Severity
7.1HIGHNVD
EPSS
0.3%
top 47.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Go-gitea GiteaCode.gitea.io GiteaGitea
Timeline
PublishedMar 10
Latest updateAug 21

Description

Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages3 packages

NVDgitea/gitea< 1.16.4
Gocode.gitea.io/gitea< 1.16.4
CVEListV5go-gitea/go-gitea_giteaunspecified1.16.4

Patches

Patch: github.comPatch: huntr.devPatch: github.com

🔴Vulnerability Details

3
OSV
Gitea Missing Authorization vulnerability in code.gitea.io/gitea2024-08-21
GHSA
Gitea Missing Authorization vulnerability2022-03-11
OSV
Gitea Missing Authorization vulnerability2022-03-11