Affected by GO-2022-0369 and 24 other vulnerabilities

GO-2022-0369: Gogs vulnerable to improper PAM authorization handling in gogs.io/gogs

GO-2022-0377: SSRF in repository migration in gogs.io/gogs

GO-2022-0471: OS Command Injection in gogs in gogs.io/gogs

GO-2022-0473: Cross site scripting via cookies in gogs in gogs.io/gogs

GO-2022-0483: Cross-site Scripting vulnerability in repository issue list in Gogs in gogs.io/gogs

GO-2022-0554: Unrestricted Upload of File with Dangerous Type in Gogs in gogs.io/gogs

GO-2022-0556: OS Command Injection in file editor in Gogs in gogs.io/gogs

GO-2022-0562: Path Traversal in Git HTTP endpoints in Gogs in gogs.io/gogs

GO-2022-0566: SSRF in repository migration in gogs.io/gogs

GO-2022-0570: Path Traversal in file editor on Windows in Gogs in gogs.io/gogs

GO-2022-0583: Server-Side Request Forgery in gogs webhook in gogs.io/gogs

GO-2022-0597: Cross-site Scripting in Gogs in gogs.io/gogs

GO-2022-0749: OS Command Injection in gogs in gogs.io/gogs

GO-2022-0788: Insecure Permissions in Gogs in gogs.io/gogs

GO-2022-0797: Insecure Permissions in Gogs in gogs.io/gogs

GO-2022-0822: Open Redirect in gogs.io/gogs

GO-2022-1060: Gogs vulnerable to Cross-site Scripting in gogs.io/gogs

GO-2023-1596: Gogs OS Command Injection vulnerability in gogs.io/gogs

GO-2023-1971: Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea

GO-2023-1972: Gogs XSS Vulnerability in gogs.io/gogs

GO-2024-3275: Unpatched Remote Code Execution in Gogs in gogs.io/gogs

GO-2024-3355: Remote Command Execution in file editing in gogs in gogs.io/gogs

GO-2024-3356: Path Traversal in file update API in gogs in gogs.io/gogs

GO-2025-3776: Gogs allows deletion of internal files which leads to remote command execution in gogs.io/gogs

GO-2025-3778: Gogs XSS allowed by stored call in PDF renderer in gogs.io/gogs

armhf

command

v0.11.66 Latest Latest Go to latest Published: Sep 16, 2018 License: MIT Imports: 4 Imported by: 0

Details

There is no documentation for this package.