Affected by GO-2025-4261
and 9 other vulnerabilities
GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea
GO-2026-4362: Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea
GO-2026-4363: Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea
GO-2026-4364: Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea
GO-2026-4365: Gitea may send release notification emails for private repositories to users whose access has been revoked in code.gitea.io/gitea
GO-2026-4366: Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea
GO-2026-4367: Gitea has improper access control for uploaded attachments in code.gitea.io/gitea
GO-2026-4368: Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea
GO-2026-4369: Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea
GO-2026-4370: Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea
package
Version:
v1.25.2
Opens a new window with list of versions in this module.
Published: Nov 22, 2025
License: MIT
Opens a new window with license information.
Imports: 15
Opens a new window with list of imports.
Imported by: 1
Opens a new window with list of known importers.
Documentation
¶
StripMarkdown parses markdown content by removing all markup and code blocks
in order to extract links and other references
StripMarkdownBytes parses markdown content by removing all markup and code blocks
in order to extract links and other references
Source Files
¶
Click to show internal directories.
Click to hide internal directories.