CNNVD-202512-1986 Information

CNNVD ID

CNNVD-202512-1986

Related CVE

CVE-2025-8110

• CNNVD Published: 2025-12-10

Description (Chinese)

Gogs（Go Git Service）是Gogs团队的一个基于Go语言的自助Git托管服务，它支持创建、迁移公开/私有仓库，添加、删除仓库协作者等。 Gogs存在安全漏洞，该漏洞源于PutContents API符号链接处理不当，可能导致本地代码执行。

Description (English)

Gogs (Go Git Service), a Gogs team-based self-help Git hosting service based on Go language, supports the creation, relocation, addition, removal of warehouse collaborators, etc. There is a security loophole in Gogs, which stems from the inappropriate handling of the PutContents API symbol link, which may lead to local code enforcement.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Gogs

Published

2025-12-10

Last Modified

2026-02-24

References

http://wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit