CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Gogs: >> Gogs >> 0.11.86 Security Vulnerabilities

CVE-2019-14544

routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.

CVSS Score

9.8

EPSS Score

0.003

Published

2019-08-02

CVE-2018-15178

Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-08-08

Page 5

Vulnerabilities

Vulnerable Software

Gogs: >> Gogs >> 0.11.86 Security Vulnerabilities

Products

Pricing

Contact Us