CVE-2025-68939

Опубликовано: 26 дек. 2025

Источник: debian

EPSS Низкий

Описание

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

Пакет	Статус	Версия исправления	Релиз	Тип
gitea	removed			package

EPSS

Процентиль: 2%

0.00013

Низкий

CVE-2025-68939

CVSS3: 8.2

ubuntu

3 месяца назад

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

CVE-2025-68939

CVSS3: 8.2

redhat

3 месяца назад

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

CVE-2025-68939

CVSS3: 8.2

nvd

3 месяца назад

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

ROS-20260224-73-0036

CVSS3: 5.3

redos

около 1 месяца назад

Уязвимость gitea

GHSA-263q-5cv3-xq9g

CVSS3: 8.2

github

3 месяца назад

Gitea allows attackers to add attachments with forbidden file extensions

EPSS

Процентиль: 2%

0.00013

Низкий