Количество 2
Количество 2
CVE-2024-56731
Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.
GHSA-wj44-9vcg-wjq7
Gogs allows deletion of internal files which leads to remote command execution
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-56731 Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3. | CVSS3: 10 | 1% Низкий | 8 месяцев назад |
| GHSA-wj44-9vcg-wjq7 Gogs allows deletion of internal files which leads to remote command execution | CVSS3: 10 | 1% Низкий | 8 месяцев назад |
Уязвимостей на страницу