VDB
CVE-2022-0871
CVE-2022-0871
PUBLISHED
CVSS 8.199999809265137 HIGH
Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.
EPSS 1.00% · 77.3th percentile
Risk Scores
CVSS v3.0
8.199999809265137
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS Score
1.00%
77.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| gogs | gogs | 0 |
| gogs.io | gogs | 0 |
| gogs | gogs/gogs | unspecified |
Timeline
- Mar 11, 2022 CVE Published
- Mar 12, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jun 23, 2022 EPSS Score
- Oct 4, 2022 EPSS Score
- Nov 24, 2022 EPSS Score
- Jan 15, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- Jun 17, 2023 EPSS Score
- Sep 28, 2023 EPSS Score
- Nov 18, 2023 EPSS Score
References
- https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78 url
- https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62 url
- https://github.com/gogs/gogs/security/advisories/GHSA-gw5h-h6hj-f56g url
- https://nvd.nist.gov/vuln/detail/CVE-2022-0871 advisory
- https://github.com/gogs/gogs/issues/6810 url
- https://github.com/gogs/gogs package