CVE-2024-54148
on github
Published
Severity
CVSS v3:
N/A
CVSS v2:
N/A
Description
Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|