References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

huntr.dev CWE-862

huntr.dev CWE-285

CWE-285 / More specific CWE option available

Improper Authorization in GitHub repository gogs/gogs prior to 0.12.5.

Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.

NIST CWE-862

NIST CWE-863

OR
     *cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* versions up to (excluding) 0.12.5

NIST (AV:N/AC:M/Au:N/C:P/I:P/A:N)

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

NIST CWE-863

https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78 No Types Assigned

https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78 Patch, Third Party Advisory

https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62 No Types Assigned

https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62 Exploit, Issue Tracking, Patch, Third Party Advisory