Vulnerabilities > CVE-2024-55947 - Unspecified vulnerability in Gogs

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

gogs

NVD

Published: 2024-12-23

Updated: 2025-04-10

Summary

Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.

Vulnerable Configurations

Part	Description	Count
Application	Gogs Gogs Gogs - Gogs Gogs 0.2.0 Gogs Gogs 0.3.0 Gogs Gogs 0.3.1 Gogs Gogs 0.4.0 Gogs Gogs 0.4.1 Gogs Gogs 0.4.2 Gogs Gogs 0.5.0 Gogs Gogs 0.5.2 Gogs Gogs 0.5.5 Gogs Gogs 0.5.8 Gogs Gogs 0.5.9 Gogs Gogs 0.5.11 Gogs Gogs 0.5.13 Gogs Gogs 0.6.0 Gogs Gogs 0.6.1 Gogs Gogs 0.6.3 Gogs Gogs 0.6.5 Gogs Gogs 0.6.9 Gogs Gogs 0.6.15 Gogs Gogs 0.7.0 Gogs Gogs 0.7.6 Gogs Gogs 0.7.19 Gogs Gogs 0.7.22 Gogs Gogs 0.7.33 Gogs Gogs 0.8.0 Gogs Gogs 0.8.10 Gogs Gogs 0.8.25 Gogs Gogs 0.8.43 Gogs Gogs 0.9.0 Gogs Gogs 0.9.13 Gogs Gogs 0.9.46 Gogs Gogs 0.9.48 Gogs Gogs 0.9.60 Gogs Gogs 0.9.71 Gogs Gogs 0.9.97 Gogs Gogs 0.9.113 Gogs Gogs 0.9.128 Gogs Gogs 0.9.141 Gogs Gogs 0.10 Gogs Gogs 0.10.1 Gogs Gogs 0.10.8 Gogs Gogs 0.10.18 Gogs Gogs 0.11 Gogs Gogs 0.11.4 Gogs Gogs 0.11.19 Gogs Gogs 0.11.29 Gogs Gogs 0.11.33 Gogs Gogs 0.11.34 Gogs Gogs 0.11.43 Gogs Gogs 0.11.53 Gogs Gogs 0.11.66 Gogs Gogs 0.11.79 Gogs Gogs 0.11.82.1218 Gogs Gogs 0.11.86 Gogs Gogs 0.11.91 Gogs Gogs 0.12 Gogs Gogs 0.12.2 Gogs Gogs 0.12.3 Gogs Gogs 0.12.4 Gogs Gogs 0.12.5 Gogs Gogs 0.12.6 Gogs Gogs 0.12.7 Gogs Gogs 0.12.8 Gogs Gogs 0.12.9 Gogs Gogs 0.12.10 Gogs Gogs 0.12.11 Gogs Gogs 0.12.13 Gogs Gogs 0.13.0	76

Summary

Vulnerable Configurations

References