Critical severityNVD Advisory· Published Feb 25, 2023· Updated Mar 11, 2025
OS Command Injection in gogs/gogs
CVE-2022-2024
Description
OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
gogs.io/gogsGo | < 0.12.11 | 0.12.11 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-pfvh-p8qp-9ww9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-2024ghsaADVISORY
- github.com/gogs/gogs/blob/f36eeedbf89328ee70cc3a2e239f6314f9021f58/conf/app.inighsaWEB
- github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41ghsaWEB
- github.com/gogs/gogs/issues/7030ghsaWEB
- github.com/gogs/gogs/security/advisories/GHSA-pfvh-p8qp-9ww9ghsaWEB
- huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97ghsaWEB
News mentions
0No linked articles in our index yet.