CVE-2022-30781
unknown
CVSS v3
—
VIR risk
—
Description
Shell command injection in gitea in code.gitea.io/gitea
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Go | code.gitea.io/gitea | <1.16.7 | 1.16.7 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-30781
- https://github.com/go-gitea/gitea/pull/19487
- https://github.com/go-gitea/gitea/pull/19490
- https://blog.gitea.io/2022/05/gitea-1.16.7-is-released
- https://github.com/go-gitea/gitea
- http://packetstormsecurity.com/files/168400/Gitea-1.16.6-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/169928/Gitea-Git-Fetch-Remote-Code-Execution.html
- https://github.com/advisories/GHSA-p5f9-c9j9-g8qx
💬 Discuss CVE-2022-30781 on VIR Community →
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.