High severityNVD Advisory· Published May 16, 2022· Updated Aug 3, 2024
CVE-2022-30781
CVE-2022-30781
Description
Gitea before 1.16.7 does not escape git fetch remote.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
code.gitea.io/giteaGo | < 1.16.7 | 1.16.7 |
Affected products
3- osv-coords2 versions
< 1.16.7+ 1 more
- (no CPE)range: < 1.16.7
- (no CPE)range: < 1.16.7
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-p5f9-c9j9-g8qxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-30781ghsaADVISORY
- packetstormsecurity.com/files/168400/Gitea-1.16.6-Remote-Code-Execution.htmlghsaWEB
- packetstormsecurity.com/files/169928/Gitea-Git-Fetch-Remote-Code-Execution.htmlghsaWEB
- blog.gitea.io/2022/05/gitea-1.16.7-is-releasedghsaWEB
- github.com/go-gitea/gitea/pull/19487ghsaWEB
- github.com/go-gitea/gitea/pull/19490ghsaWEB
- blog.gitea.io/2022/05/gitea-1.16.7-is-released/mitre
News mentions
0No linked articles in our index yet.