CNNVD-202512-4788 Information
Dec 26, 2025
cve
CNNVD ID
CNNVD-202512-4788
Related CVE
- CNNVD Published: 2025-12-26
Description (Chinese)
Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 1.23.0之前版本存在安全漏洞,该漏洞源于允许通过附件API编辑附件名称添加禁止的文件扩展名。
Description (English)
Gitea is a light-size git service developed by Go in the Gitea community. There was a security loophole in the pre-Gitea version 1.23.0, which resulted from allowing the addition of prohibited file extensions to the name of the Annex by editing by Annex API.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Gitea
Published
2025-12-26
Last Modified
2026-02-24
References
https://blog.gitea.com/release-of-1.23.0/ https://github.com/go-gitea/gitea/pull/32151 https://github.com/go-gitea/gitea/releases/tag/v1.23.0 https://access.redhat.com/security/cve/cve-2025-68939
Patch
https://github.com/go-gitea/gitea/releases
Share on: