Gna!
About
Blog
Chat
Clinic
Forum
Mastodon
Login
Join

#security

RSS icon
  • [security] Gitea < 1.17.2 bypassing URL restrictions during migration explained

    24 October , 2022 · 2 min read

    Prior to Gitea 1.17.2 a malicious Gitea server could be used to request local files using the migration web interface or the REST API.

    #gna #gitea #security #problem #upgrade #solution
  • [security] Gitea < 1.17.3 git option injection explained

    17 October , 2022 · 2 min read

    Prior to Gitea 1.17.3 the web interface that displays the commit graph could be used to inject git options used by the Gitea server.

    #gna #gitea #security #problem #upgrade #solution

All text  CC-BY-SA  & code  AGPL  |  No AMP 

Email icon
About CoC | Legalese Privacy | Source Code ToS