Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-15867
HistoryOct 16, 2020 - 2:15 p.m.

CVE-2020-15867

2020-10-1614:15:11
Google
osv.dev
4

7.7 High

AI Score

Confidence

Low

0.967 High

EPSS

Percentile

99.7%

JSON

The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution. There can be a privilege escalation if access to this hook feature is granted to a user who does not have administrative privileges. NOTE: because this is mentioned in the documentation but not in the UI, it could be considered a “Product UI does not Warn User of Unsafe Actions” issue.

CPENameOperatorVersion
gogseq0.12.4
gogseq0.9.0
gogseq0.12.1
gogseq0.12.3
gogseq0.12.5
gogseq0.5.5
gogseq0.12.9
gogseq0.11.53
gogseq0.10.1
gogseq0.11.29
Rows per page:
1-10 of 701

Related

prion 1
veracode 1
cve 1
nvd 1
nuclei 1
openvas 1
cvelist 1
zdt 1
packetstorm 1
attackerkb 1
prion
prion
Privilege escalation
2020-10-16 14:15:00
veracode
veracode
Remote Code Execution (RCE)
2020-10-19 07:31:18
cve
cve
CVE-2020-15867
2020-10-16 14:15:11
nvd
nvd
CVE-2020-15867
2020-10-16 14:15:11
nuclei
nuclei
Gogs 0.5.5 - 0.12.2 - Remote Code Execution
2023-03-18 22:07:09
openvas
openvas
Gogs >= 0.5.5, <= 0.12.3 RCE Vulnerability
2020-10-28 00:00:00
cvelist
cvelist
CVE-2020-15867
2020-10-16 13:04:43
zdt
zdt
Gogs Git Hooks Remote Code Execution Exploit
2021-04-07 00:00:00
packetstorm
packetstorm
Gogs Git Hooks Remote Code Execution
2021-04-07 00:00:00
attackerkb
attackerkb
CVE-2020-15867
2020-10-16 00:00:00

7.7 High

AI Score

Confidence

Low

0.967 High

EPSS

Percentile

99.7%

JSON
Related for OSV:CVE-2020-15867
prion1veracode1cve1nvd1nuclei1openvas1cvelist1zdt1packetstorm1attackerkb1