Critical severityNVD Advisory· Published Jun 9, 2022· Updated Aug 3, 2024
OS Command Injection in gogs/gogs
CVE-2022-1986
Description
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.9.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
gogs.io/gogsGo | < 0.12.9 | 0.12.9 |
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-67mx-jc2f-jgjmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-1986ghsaADVISORY
- github.com/gogs/gogs/blob/f36eeedbf89328ee70cc3a2e239f6314f9021f58/conf/app.inighsaWEB
- github.com/gogs/gogs/commit/38aff73251cc46ced96dd608dab6190415032a82ghsax_refsource_MISCWEB
- github.com/gogs/gogs/security/advisories/GHSA-67mx-jc2f-jgjmghsaWEB
- huntr.dev/bounties/776e8f29-ff5e-4501-bb9f-0bd335007930ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.