CNNVD-202512-4790 Information

CNNVD ID

CNNVD-202512-4790

Related CVE

CVE-2025-68941

• CNNVD Published: 2025-12-26

Description (Chinese)

Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 1.22.3之前版本存在安全漏洞，该漏洞源于接收范围限于公共资源的API令牌时对私有资源的访问处理不当。

Description (English)

Gitea is a light-size git service developed by Go in the Gitea community. There was a security loophole in the pre-Gitea 1.22,3 version, which stemmed from inappropriate handling of private resource access when receiving API tokens limited to public resources.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Gitea

Published

2025-12-26

Last Modified

2026-02-24

References

https://blog.gitea.com/release-of-1.22.3/ https://github.com/go-gitea/gitea/pull/32218 https://github.com/go-gitea/gitea/releases/tag/v1.22.3 https://access.redhat.com/security/cve/cve-2025-68941

Patch

https://github.com/go-gitea/gitea/releases