CVE-2025-68944

Опубликовано: 26 дек. 2025

Источник: nvd

CVSS3: 5

CVSS3: 5.3

EPSS Низкий

Описание

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

Ссылки

https://blog.gitea.com/release-of-1.22.2/
Release Notes
https://github.com/go-gitea/gitea/pull/31967
Issue Tracking
https://github.com/go-gitea/gitea/releases/tag/v1.22.2
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*

Версия до 1.22.2 (исключая)

EPSS

Процентиль: 7%

0.00027

Низкий

5 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-441

Связанные уязвимости

CVE-2025-68944

CVSS3: 5

ubuntu

21 день назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.

CVE-2025-68944

CVSS3: 5

debian

21 день назад

Gitea before 1.22.2 sometimes mishandles the propagation of token scop ...

GHSA-f85h-c7m6-cfpm

CVSS3: 5

github

21 день назад

Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries

EPSS

Процентиль: 7%

0.00027

Низкий

5 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-441