Missing Authorization in gogs/gogs
CVE-2022-0871

8.2HIGH

Key Information:

Vendor

Gogs

Status
Gogs/gogs
Vendor
CVE Published:
11 March 2022

What is CVE-2022-0871?

Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.

Affected Version(s)

gogs/gogs < 0.12.5

References

https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0b...
https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd3...

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.