| CVE-2020-28991 |
medium |
— |
5.5 |
2y ago |
Improper Access Control in Gitea |
|
| CVE-2021-3382 |
medium |
— |
5.5 |
2y ago |
Buffer Overflow in gitea in code.gitea.io/gitea |
|
| CVE-2026-20904 |
unknown |
— |
— |
4mo ago |
Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea |
|
| CVE-2026-20912 |
unknown |
— |
— |
4mo ago |
Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea |
|
| CVE-2026-20883 |
unknown |
— |
— |
4mo ago |
Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea |
|
| CVE-2026-20750 |
unknown |
— |
— |
4mo ago |
Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea |
|
| CVE-2026-20800 |
unknown |
— |
— |
4mo ago |
Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea |
|
| CVE-2026-20897 |
unknown |
— |
— |
4mo ago |
Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea |
|
| CVE-2026-20888 |
unknown |
— |
— |
4mo ago |
Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea |
|
| CVE-2022-42968 |
unknown |
— |
— |
4y ago |
Gitea vulnerable to Argument Injection in code.gitea.io/gitea |
|
| CVE-2018-1000803 |
unknown |
— |
— |
4y ago |
Gitea Exposes Private Email Addresses in github.com/go-gitea/gitea |
|
| CVE-2019-11228 |
unknown |
— |
— |
4y ago |
Gitea Improper Input Validation in github.com/go-gitea/gitea |
|
| CVE-2019-11229 |
unknown |
— |
— |
4y ago |
Gitea Remote Code Execution in github.com/go-gitea/gitea |
|
| CVE-2020-13246 |
unknown |
— |
— |
4y ago |
Denial of Service in Gitea in code.gitea.io/gitea |
|
| CVE-2021-45329 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in Gitea in github.com/go-gitea/gitea |
|
| CVE-2021-45327 |
unknown |
— |
— |
4y ago |
Capture-replay in Gitea in code.gitea.io/gitea |
|
| CVE-2021-45326 |
unknown |
— |
— |
4y ago |
Cross Site Request Forgery in Gitea in github.com/go-gitea/gitea |
|
| CVE-2021-45325 |
unknown |
— |
— |
4y ago |
Gitea displaying raw OpenID error in UI in github.com/go-gitea/gitea |
|
| CVE-2021-45328 |
unknown |
— |
— |
4y ago |
Open redirect in Gitea in github.com/go-gitea/gitea |
|