Required CVE Record Information
Description
Gitea before 1.16.7 does not escape git fetch remote.
References 5 Total
- https://github.com/go-gitea/gitea/pull/19490
- https://github.com/go-gitea/gitea/pull/19487
- https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/
- http://packetstormsecurity.com/files/168400/Gitea-1.16.6-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/169928/Gitea-Git-Fetch-Remote-Code-Execution.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- https://github.com/go-gitea/gitea/pull/19490 x_transferred
- https://github.com/go-gitea/gitea/pull/19487 x_transferred
- https://blog.gitea.io/2022/05/gitea-1.16.7-is-released/ x_transferred
- http://packetstormsecurity.com/files/168400/Gitea-1.16.6-Remote-Code-Execution.html x_transferred
- http://packetstormsecurity.com/files/169928/Gitea-Git-Fetch-Remote-Code-Execution.html x_transferred