Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gogs Subscribe
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-15192 2 Gitea, Gogs 2 Gitea, Gogs 2018-10-18 5.0 MEDIUM 8.6 HIGH
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
CVE-2018-15178 1 Gogs 1 Gogs 2018-10-05 5.8 MEDIUM 6.1 MEDIUM
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.
CVE-2018-15193 1 Gogs 1 Gogs 2018-10-05 6.8 MEDIUM 8.8 HIGH
A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.