Vulnerabilities > Gitea
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-04 | CVE-2018-18926 | Session Fixation vulnerability in Gitea Gitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. | 9.8 |
| 2018-10-08 | CVE-2018-1000803 | Information Exposure vulnerability in Gitea Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability that can result in Exposure of users private email addresses. | 5.3 |
| 2018-08-08 | CVE-2018-15192 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. | 8.6 |