Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Gogs Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31038 1 Gogs 1 Gogs 2022-06-17 3.5 LOW 5.4 MEDIUM
Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 `DisplayName` does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes `DisplayName` prior to display to the user. All users of gogs are advised to upgrade. Users unable to upgrade should check their users' display names for malicious characters.
CVE-2022-1285 1 Gogs 1 Gogs 2022-06-08 4.3 MEDIUM 6.5 MEDIUM
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.
CVE-2022-1464 1 Gogs 1 Gogs 2022-05-13 3.5 LOW 5.4 MEDIUM
Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .
CVE-2020-14958 1 Gogs 1 Gogs 2020-06-26 4.0 MEDIUM 6.5 MEDIUM
In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.
CVE-2020-9329 1 Gogs 1 Gogs 2020-02-25 4.3 MEDIUM 5.9 MEDIUM
Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.
CVE-2018-17031 1 Gogs 1 Gogs 2018-11-07 4.3 MEDIUM 6.1 MEDIUM
In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an "X-Content-Type-Options: nosniff" header is not sent.
CVE-2018-15178 1 Gogs 1 Gogs 2018-10-05 5.8 MEDIUM 6.1 MEDIUM
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.