CVE-2026-20912

Critical CVSS: 9.1

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.

Vendor

Gitea

Product

Gitea

CWE

CWE-284

Yayın Tarihi

2026-01-22 22:16:19

Güncelleme

2026-01-29 22:03:58

Source Identifier

88ee5874-cf24-4952-aea0-31affedb7ff2

KEV Date Added

Kategoriler

CWE-284 Gitea CRITICAL Gitea 2026

Referanslar

https://blog.gitea.com/release-of-1.25.4/ https://github.com/go-gitea/gitea/pull/36320 https://github.com/go-gitea/gitea/pull/36355 https://github.com/go-gitea/gitea/releases/tag/v1.25.4 https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw

Benzer Kayıtlar

Medium

CVE-2026-20904

Gitea does not properly validate ownership when toggling OpenID URI visibility. An authenticated user may be able to cha…

Critical

CVE-2026-20897

Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repos…

High

CVE-2026-20736

Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachmen…

Critical

CVE-2026-20750

Gitea does not properly validate project ownership in organization project operations. A user with project write access…

Medium

CVE-2026-20800

Gitea's notification API does not re-validate repository access permissions when returning notification details. After a…

Medium

CVE-2026-20883

Gitea's stopwatch API does not re-validate repository access permissions. After a user's access to a private repository…