CNNVD-202512-4792 Information

CNNVD ID

CNNVD-202512-4792

Related CVE

CVE-2025-68943

• CNNVD Published: 2025-12-26

Description (Chinese)

Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 1.21.8之前版本存在安全漏洞，该漏洞源于允许通过lastlogintime排序暴露用户登录时间。

Description (English)

Gitea is a light-size git service developed by Go in the Gitea community. There was a security loophole in the pre-Gitea 1.21.8 version, which stemmed from allowing the user login time to be exposed through the lastlogintime sorting.

Hazard Level

High

Vulnerability Type

其他

Published

2025-12-26

Last Modified

2026-02-24

References

https://blog.gitea.com/release-of-1.21.8-and-1.21.9-and-1.21.10/ https://github.com/go-gitea/gitea/pull/29430 https://github.com/go-gitea/gitea/releases/tag/v1.21.8 https://access.redhat.com/security/cve/cve-2025-68943

Patch

https://github.com/go-gitea/gitea/releases