GO-2025-4261
and 9 other vulnerabilities
GO-2025-4261 : Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea
GO-2026-4362 : Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea
GO-2026-4363 : Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea
GO-2026-4364 : Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea
GO-2026-4365 : Gitea may send release notification emails for private repositories to users whose access has been revoked in code.gitea.io/gitea
GO-2026-4366 : Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea
GO-2026-4367 : Gitea has improper access control for uploaded attachments in code.gitea.io/gitea
GO-2026-4368 : Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea
GO-2026-4369 : Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea
GO-2026-4370 : Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea
Discover Packages
code.gitea.io/gitea
modules
git
internal
package
Version:
v1.25.2
Opens a new window with list of versions in this module.
Published: Nov 22, 2025
License: MIT
Opens a new window with license information.
Imports: 0
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
¶
CmdArg represents a command argument for git command, and it will be used for the git command directly without any further processing.
In most cases, you should use the "AddXxx" functions to add arguments, but not use this type directly.
Casting a risky (user-provided) string to CmdArg would cause security issues if it's injected with a "--xxx" argument.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files