—CVE-2025-8110⚠ KEVGogs vulnerable to a bypass of CVE-2024-55947 in gogs.io/gogs from 0, <= 0.13.3
—CVE-2025-8110⚠ KEVGogs vulnerable to a bypass of CVE-2024-55947 in gogs.io/gogs from 0
CRITICAL10.0Gogs allows deletion of internal files which leads to remote command execution in gogs.io/gogs
from 0, < 0.13.3
CRITICAL10.0Gogs allows deletion of internal files which leads to remote command execution in gogs.io/gogs
from 0, < 0.13.3
CRITICAL10.0OS Command Injection in gogs in gogs.io/gogs
from 0, < 0.12.8
CRITICAL10.0OS Command Injection in gogs in gogs.io/gogs
from 0, < 0.12.8
CRITICAL9.9Gogs allows argument injection during the previewing of changes in github.com/gogs/gogs
from 0, < 0.13.1
CRITICAL9.9github.com/gogs/gogs affected by CVE-2024-39930
from 0, < 0.13.1
CRITICAL9.9Gogs allows deletion of internal files in github.com/gogs/gogs
from 0, < 0.13.1
CRITICAL9.8Remote Command Execution in file editing in gogs in gogs.io/gogs
from 0, < 0.13.1
CRITICAL9.8Remote Command Execution in file editing in gogs in gogs.io/gogs
from 0, < 0.13.1
CRITICAL9.8Gogs OS Command Injection vulnerability in gogs.io/gogs
from 0, < 0.12.11
CRITICAL9.8Gogs OS Command Injection vulnerability in gogs.io/gogs
from 0, < 0.12.11
CRITICAL9.8OS Command Injection in file editor in Gogs in gogs.io/gogs
from 0, < 0.12.9
CRITICAL9.8OS Command Injection in file editor in Gogs in gogs.io/gogs
from 0, < 0.12.9
CRITICAL9.8Insecure Permissions in Gogs in gogs.io/gogs
from 0, < 0.11.91
CRITICAL9.8Insecure Permissions in Gogs in gogs.io/gogs
from 0, < 0.11.91
CRITICAL9.3Gogs: Cross-repository LFS object overwrite via missing content hash verification in gogs.io/gogs
from 0, < 0.14.2
CRITICAL9.3Gogs: Cross-repository LFS object overwrite via missing content hash verification in gogs.io/gogs
from 0
CRITICAL9.1Path Traversal in file editor on Windows in Gogs in gogs.io/gogs
from 0, < 0.12.9
CRITICAL9.1Path Traversal in file editor on Windows in Gogs in gogs.io/gogs
from 0, < 0.12.9
CRITICAL9.0Gogs vulnerable to Cross-site Scripting in gogs.io/gogs
>= 0.6.5, <= 0.12.10
CRITICAL9.0Gogs vulnerable to Cross-site Scripting in gogs.io/gogs
>= 0.6.5
HIGH8.8Path Traversal in file update API in gogs in gogs.io/gogs
from 0, < 0.13.1
HIGH8.8Path Traversal in file update API in gogs in gogs.io/gogs
from 0, < 0.13.1
HIGH8.8Unpatched Remote Code Execution in Gogs in gogs.io/gogs
from 0, < 0.13.2
HIGH8.8Unpatched Remote Code Execution in Gogs in gogs.io/gogs
from 0
HIGH8.8Unrestricted Upload of File with Dangerous Type in Gogs in gogs.io/gogs
from 0, < 0.12.6
HIGH8.8Unrestricted Upload of File with Dangerous Type in Gogs in gogs.io/gogs
from 0, < 0.12.6
HIGH8.7Gogs: Stored XSS via data URI in issue comments in gogs.io/gogs
from 0
HIGH8.7Gogs: Stored XSS via data URI in issue comments in gogs.io/gogs
from 0, < 0.14.2
HIGH8.6Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea
from 0, < 0.12.0
HIGH8.6Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea
from 0, < 0.12.0
HIGH8.3Server-Side Request Forgery in gogs webhook in gogs.io/gogs
from 0, < 0.12.8
HIGH8.3Server-Side Request Forgery in gogs webhook in gogs.io/gogs
from 0, < 0.12.8
HIGH8.2Gogs vulnerable to improper PAM authorization handling in gogs.io/gogs
from 0, < 0.12.5
HIGH8.2Gogs vulnerable to improper PAM authorization handling in gogs.io/gogs
from 0, < 0.12.5
HIGH8.1Path Traversal in Git HTTP endpoints in Gogs in gogs.io/gogs
from 0, < 0.12.9
HIGH8.1Path Traversal in Git HTTP endpoints in Gogs in gogs.io/gogs
from 0, < 0.12.9
HIGH7.7Gogs allows argument injection during the tagging of a new release in github.com/gogs/gogs
from 0, < 0.13.1
HIGH7.5Gogs Directory Traversal
from 0, < 0.11.80-0.20181218063808-ff93d9dbda5c
HIGH7.3Gogs: DOM-based XSS via milestone selection in gogs.io/gogs
from 0, <= 0.13.3
HIGH7.3Gogs: DOM-based XSS via milestone selection in gogs.io/gogs
from 0
HIGH7.3SQL Injection in Gogs in gogs.io/gogs
>= 0.3.1, < 0.5.8
HIGH7.3SQL Injection in Gogs in gogs.io/gogs
>= 0.3.1, < 0.5.8
MEDIUM6.5Gogs has arbitrary file read/write via Path Traversal in Git hook editing in gogs.io/gogs
from 0, < 0.13.4
MEDIUM6.5Gogs has arbitrary file read/write via Path Traversal in Git hook editing in gogs.io/gogs
from 0
MEDIUM6.5Gogs user can update repository content with read-only permission in gogs.io/gogs
from 0
MEDIUM6.5Gogs user can update repository content with read-only permission in gogs.io/gogs
from 0, < 0.13.4
MEDIUM6.5Gogs has a Denial of Service issue in gogs.io/gogs
from 0, < 0.13.4
MEDIUM6.5Gogs has a Denial of Service issue in gogs.io/gogs
from 0
MEDIUM6.5SQL Injection in github.com/gogits/gogs
>= 0.3.1, < 0.5.8
MEDIUM6.3Gogs XSS allowed by stored call in PDF renderer in gogs.io/gogs
from 0, < 0.13.3-0.20250608224432-110117b2e5e5
MEDIUM6.3Gogs XSS allowed by stored call in PDF renderer in gogs.io/gogs
from 0, < 0.13.3-0.20250608224432-110117b2e5e5
MEDIUM6.1Gogs XSS Vulnerability in gogs.io/gogs
from 0, < 0.12.0
MEDIUM6.1Gogs XSS Vulnerability in gogs.io/gogs
from 0, < 0.12.0
MEDIUM6.1Open Redirect in gogs.io/gogs
from 0, < 0.12.0
MEDIUM6.1Open Redirect in gogs.io/gogs
from 0, < 0.12.0
MEDIUM5.4Cross-site Scripting vulnerability in repository issue list in Gogs in gogs.io/gogs
from 0, < 0.12.9
MEDIUM5.4Cross-site Scripting vulnerability in repository issue list in Gogs in gogs.io/gogs
from 0, < 0.12.9
MEDIUM5.4Cross-site Scripting in Gogs in gogs.io/gogs
from 0, < 0.12.7
MEDIUM5.4Cross-site Scripting in Gogs in gogs.io/gogs
from 0, < 0.12.7
MEDIUM5.3Gogs: Access tokens get exposed through URL params in API requests in gogs.io/gogs
from 0, <= 0.13.3
MEDIUM5.3Gogs: Access tokens get exposed through URL params in API requests in gogs.io/gogs
from 0
MEDIUM5.3Insecure Permissions in Gogs in gogs.io/gogs
from 0, < 0.12.0
MEDIUM5.3Insecure Permissions in Gogs in gogs.io/gogs
from 0, < 0.12.0
MEDIUM5.0SSRF in repository migration in gogs.io/gogs
from 0, < 0.12.5
MEDIUM5.0SSRF in repository migration in gogs.io/gogs
from 0, < 0.12.5
—Gogs: Stored XSS in branch and wiki views through author and committer names in gogs.io/gogs
from 0
—Gogs: Stored XSS in branch and wiki views through author and committer names in gogs.io/gogs
from 0, <= 0.13.3
—Gogs: Release tag option injection in release deletion in gogs.io/gogs
from 0
—Gogs: Release tag option injection in release deletion in gogs.io/gogs
from 0, < 0.14.2
—Unauthenticated File Upload in Gogs in gogs.io/gogs
from 0, < 0.14.1
—Unauthenticated File Upload in Gogs in gogs.io/gogs
from 0
—Gogs has a Protected Branch Deletion Bypass in Web Interface in gogs.io/gogs
from 0
—Gogs has a Protected Branch Deletion Bypass in Web Interface in gogs.io/gogs
from 0, < 0.14.1
—Gogs has an Authorization Bypass Allows Cross-Repository Label Modification in Gogs in gogs.io/gogs
from 0
—Gogs has an Authorization Bypass Allows Cross-Repository Label Modification in Gogs in gogs.io/gogs
from 0, < 0.14.0
—Gogs Allows Cross-Repository Comment Deletion via DeleteComment in gogs.io/gogs
from 0, < 0.14.0
—Gogs Allows Cross-Repository Comment Deletion via DeleteComment in gogs.io/gogs
from 0
—Gogs has authorization bypass in repository deletion API in gogs.io/gogs
from 0, < 0.13.4
—Gogs has authorization bypass in repository deletion API in gogs.io/gogs
from 0
—Gogs vulnerable to arbitrary file deletion via Path Traversal in wiki page update in gogs.io/gogs
from 0, < 0.13.4
—Gogs vulnerable to arbitrary file deletion via Path Traversal in wiki page update in gogs.io/gogs
from 0
—Gogs Vulnerable to 2FA Bypass via Recovery Code in gogs.io/gogs
>= 0.11.19
—Gogs Vulnerable to 2FA Bypass via Recovery Code in gogs.io/gogs
>= 0.11.19, < 0.13.4
—Gogs's update .git/config file allows remote command execution in gogs.io/gogs
from 0
—Gogs's update .git/config file allows remote command execution in gogs.io/gogs
from 0, < 0.13.4
—OS Command Injection in gogs in gogs.io/gogs
from 0, < 0.12.8
—OS Command Injection in gogs in gogs.io/gogs
from 0, < 0.12.8
—Cross-site Scripting in Gogs in gogs.io/gogs
>= 0.3.1, < 0.5.8
—Cross-site Scripting in Gogs in gogs.io/gogs
>= 0.3.1, < 0.5.8