Опубликовано: 04 июл. 2024
Источник: github
Github: Прошло ревью
CVSS4: 8.2
CVSS3: 7.7
Описание
Duplicate Advisory: Gogs allows argument injection during the tagging of a new release
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-m27m-h5gj-wwmg. This link is maintained to preserve external references.
Original Description
Gogs through 0.13.0 allows argument injection during the tagging of a new release. This vulnerability is still unfixed as of the time of this advisory being published.
Пакеты
Наименование
github.com/gogs/gogs
go
Затронутые версииВерсия исправления
<= 0.13.0
Отсутствует
8.2 High
CVSS4
7.7 High
CVSS3
Дефекты
CWE-88
8.2 High
CVSS4
7.7 High
CVSS3
Дефекты
CWE-88