Affected by GO-2025-4258
and 11 other vulnerabilities
GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea
GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea
GO-2026-4274: Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea
GO-2026-4362: Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea
GO-2026-4363: Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea
GO-2026-4364: Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea
GO-2026-4365: Gitea may send release notification emails for private repositories to users whose access has been revoked in code.gitea.io/gitea
GO-2026-4366: Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea
GO-2026-4367: Gitea has improper access control for uploaded attachments in code.gitea.io/gitea
GO-2026-4368: Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea
GO-2026-4369: Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea
GO-2026-4370: Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea
func FilterSlice[E any, T comparable](s []E, include func(E) (T, bool)) []T
FilterSlice ranges over the slice and calls include() for each element.
If the second returned value is true, the first returned value will be included in the resulting
slice (after deduplication).
Affected by 
Documentation
¶
Source Files