CVE-2022-42968
9.8CRITICALGitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.
Publicado: 10/16/2022Actualizado: 5/14/2025
Descripción
Gitea before 1.17.3 does not sanitize and escape refs in the git backend. Arguments to git commands are mishandled.
Análisis IAImpulsado por IA
Productos Afectados
giteagitea
Referencias
- https://github.com/go-gitea/gitea/pull/21463PatchThird Party Advisory
- https://github.com/go-gitea/gitea/releases/tag/v1.17.3Release NotesThird Party Advisory
- https://security.gentoo.org/glsa/202210-14Third Party Advisory
- https://github.com/go-gitea/gitea/pull/21463PatchThird Party Advisory
- https://github.com/go-gitea/gitea/releases/tag/v1.17.3Release NotesThird Party Advisory
- https://security.gentoo.org/glsa/202210-14Third Party Advisory