Sign in Get started

← All advisories

Moderate severityOSV Advisory· Published Dec 26, 2025· Updated Dec 26, 2025

CVE-2025-68945

CVE-2025-68945

Description

In Gitea before 1.21.2, an anonymous user can visit a private user's project.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
code.gitea.io/giteaGo	< 1.21.2	1.21.2

Affected products

1

Go Gitea/GiteaOSV
Range: v0.9.99, v1.0.0, v1.1.0, …

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

github.com/advisories/GHSA-7xq4-mwcp-q8fxghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2025-68945ghsaADVISORY
blog.gitea.com/release-of-1.21.2ghsaWEB
github.com/go-gitea/gitea/pull/28423ghsaWEB
github.com/go-gitea/gitea/releases/tag/v1.21.2ghsaWEB
blog.gitea.com/release-of-1.21.2/mitre

News mentions

0

No linked articles in our index yet.