Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-20883

Опубликовано: 22 янв. 2026
Источник: debian

Описание

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitearemovedpackage

Связанные уязвимости

nvd логотип

CVE-2026-20883

CVSS3: 6.5
nvd
15 дней назад

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches.

github логотип

GHSA-j8xr-c56q-m8jj

github
15 дней назад

Gitea improperly exposes issue titles and repository names through previously started stopwatches