Low severityOSV Advisory· Published Dec 26, 2025· Updated Dec 26, 2025
CVE-2025-68940
CVE-2025-68940
Description
In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
code.gitea.io/giteaGo | < 1.22.5 | 1.22.5 |
Affected products
4- osv-coords3 versionspkg:bitnami/giteapkg:golang/code.gitea.io/giteapkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6
< 1.22.5+ 2 more
- (no CPE)range: < 1.22.5
- (no CPE)range: < 1.22.5
- (no CPE)range: < 0.0.20251230T014957-150000.1.134.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.