Affected by GO-2025-4258 and 4 other vulnerabilities:
GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea
GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea
GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request in code.gitea.io/gitea
GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea
GO-2026-4274: Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea
CmdArg represents a command argument for a git command. It is passed to the git command directly, without any further processing.
In most cases, you should add arguments with the "AddXxx" functions rather than use this type directly.
Casting a risky (user-provided) string to CmdArg causes security issues if the string carries an injected "--xxx" argument, because git will then parse it as an option.
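The following is an added example, not Gitea's own code, showing why a distinct argument type plus "AddXxx"-style helpers keeps user input out of git's option parsing. The `Command` type, `AddArguments`, `AddDynamicArguments`, `BuildLog` and `ErrOptionLike` are hypothetical names that follow the pattern described above, and the inputs are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// CmdArg is a local stand-in for the type described above (not Gitea's code).
// Untyped string constants convert implicitly; a string variable needs an
// explicit CmdArg(x) cast, which is the spot to scrutinize in review.
type CmdArg string

// Command collects the argv for one git invocation (hypothetical helper).
type Command struct{ args []string }

var ErrOptionLike = errors.New("dynamic argument starts with '-'")

// AddArguments takes trusted, developer-written arguments only.
func (c *Command) AddArguments(args ...CmdArg) *Command {
	for _, a := range args {
		c.args = append(c.args, string(a))
	}
	return c
}

// AddDynamicArguments takes untrusted values and refuses option-like ones.
func (c *Command) AddDynamicArguments(args ...string) error {
	for _, a := range args {
		if strings.HasPrefix(a, "-") {
			return fmt.Errorf("%w: %q", ErrOptionLike, a)
		}
	}
	c.args = append(c.args, args...)
	return nil
}

// BuildLog builds the argv for "git log --oneline <ref>" from a user-supplied ref.
func BuildLog(ref string) ([]string, error) {
	c := (&Command{}).AddArguments("log", "--oneline")
	if err := c.AddDynamicArguments(ref); err != nil {
		return nil, err
	}
	return c.args, nil
}

func main() {
	for _, ref := range []string{"main", "--xxx"} { // constructed inputs
		fmt.Println(BuildLog(ref))
	}
}
```

Writing `c.AddArguments(ref)` with a `string` variable does not compile, so the only way to bypass the check is an explicit `CmdArg(ref)` cast.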