High severity8.6NVD Advisory· Published Aug 8, 2018· Updated Jun 17, 2026
CVE-2018-15192
CVE-2018-15192
Description
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
code.gitea.io/giteaGo | < 1.16.0-rc1 | 1.16.0-rc1 |
gogs.io/gogsGo | < 0.12.0 | 0.12.0 |
Affected products
2- ghsa-coords2 versions
< 1.16.0-rc1+ 1 more
- (no CPE)range: < 1.16.0-rc1
- (no CPE)range: < 0.12.0
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-fg3x-rwq9-74cwghsaADVISORY
- github.com/go-gitea/gitea/issues/4624nvdIssue TrackingThird Party AdvisoryWEB
- github.com/gogs/gogs/issues/5366nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-15192ghsaADVISORY
- github.com/go-gitea/gitea/commit/599ff1c054e436daa4dc3f049aa8661d9c2395f9ghsaWEB
- github.com/go-gitea/gitea/pull/17482ghsaWEB
- github.com/gogs/gogs/commit/22717a1c064511cf37c46af5e650baf7184cf25bghsaWEB
- github.com/gogs/gogs/pull/6002ghsaWEB
News mentions
0No linked articles in our index yet.