GHSA-f85h-c7m6-cfpm

Опубликовано: 26 дек. 2025

Источник: github

Github: Прошло ревью

CVSS3: 5

Описание

Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

Ссылки

Пакеты

Наименование

code.gitea.io/gitea

Затронутые версииВерсия исправления

< 1.22.2

1.22.2

EPSS

Процентиль: 2%

0.00012

Низкий

5 Medium

CVSS3

CVE ID

CVE-2025-68944

Дефекты

CWE-441

Связанные уязвимости

CVE-2025-68944

CVSS3: 5

ubuntu

3 месяца назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

CVE-2025-68944

CVSS3: 5

redhat

3 месяца назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

CVE-2025-68944

CVSS3: 5

nvd

3 месяца назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

CVE-2025-68944

CVSS3: 5

debian

3 месяца назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scop ...

EPSS

Процентиль: 2%

0.00012

Низкий

5 Medium

CVSS3

CVE ID

CVE-2025-68944

Дефекты

CWE-441