Vulnerabilities > Gitea > Gitea > 1.4.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2022-38795 | Unspecified vulnerability in Gitea In Gitea through 1.17.1, repo cloning can occur in the migration function. | 6.5 |
| 2023-07-05 | CVE-2023-3515 | Open Redirect vulnerability in Gitea Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4. | 4.4 |
| 2022-08-12 | CVE-2022-38183 | Missing Authorization vulnerability in Gitea In Gitea before 1.16.9, it was possible for users to add existing issues to projects. | 6.5 |
| 2022-05-16 | CVE-2022-30781 | Improper Encoding or Escaping of Output vulnerability in Gitea Gitea before 1.16.7 does not escape git fetch remote. | 7.5 |
| 2022-03-10 | CVE-2022-0905 | Missing Authorization vulnerability in Gitea Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4. | 7.1 |
| 2022-02-08 | CVE-2021-45327 | Interpretation Conflict vulnerability in Gitea Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API. | 9.8 |
| 2020-10-16 | CVE-2020-14144 | OS Command Injection vulnerability in Gitea The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). | 7.2 |