Описание
Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface. A user with read access to pull requests may be able to cancel auto-merges scheduled by other users.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gitea | removed | package |
EPSS
Процентиль: 8%
0.00029
Низкий
Связанные уязвимости
CVSS3: 4.3
nvd
15 дней назад
Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface. A user with read access to pull requests may be able to cancel auto-merges scheduled by other users.
github
15 дней назад
Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface
EPSS
Процентиль: 8%
0.00029
Низкий