Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2026-20912

Опубликовано: 22 янв. 2026
Источник: debian
EPSS Низкий

Описание

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitearemovedpackage

EPSS

Процентиль: 3%
0.00015
Низкий

Связанные уязвимости

redhat логотип

CVE-2026-20912

CVSS3: 9.1
redhat
2 месяца назад

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.

nvd логотип

CVE-2026-20912

CVSS3: 9.1
nvd
2 месяца назад

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.

redos логотип

ROS-20260224-73-0025

CVSS3: 9.1
redos
около 1 месяца назад

Уязвимость gitea

github логотип

GHSA-4xx9-vc8v-87hv

github
2 месяца назад

Gitea does not properly validate repository ownership when linking attachments to releases

EPSS

Процентиль: 3%
0.00015
Низкий