VYPR
Critical severity9.8NVD Advisory· Published Dec 23, 2024· Updated Jun 17, 2026

CVE-2024-54148

CVE-2024-54148

Description

Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
gogs.io/gogsGo
< 0.13.10.13.1

Affected products

5

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.