Количество 3
Количество 3
CVE-2026-20736
Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different repository they can access.
CVE-2026-20736
Gitea does not properly verify repository context when deleting attach ...
GHSA-hgr3-x44x-33hx
Gitea has improper access control for uploaded attachments
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-20736 Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different repository they can access. | CVSS3: 7.5 | 0% Низкий | 17 дней назад |
| CVE-2026-20736 Gitea does not properly verify repository context when deleting attach ... | CVSS3: 7.5 | 0% Низкий | 17 дней назад |
| GHSA-hgr3-x44x-33hx Gitea has improper access control for uploaded attachments | 0% Низкий | 17 дней назад |
Уязвимостей на страницу