Lucene search
Veracode Vulnerability DatabaseVERACODE:27618HistoryOct 19, 2020 - 7:10 a.m.
Remote Code Execution (RCE)
2020-10-1907:10:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
36
remote code execution
vulnerability
git hooks
default
gitea
EPSS
0.973
Percentile
99.9%
github.com/go-gitea/gitea is vulnerable to remote code execution (RCE). The vulnerability exists through git hooks which are enabled by default.
References
packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html
docs.github.com/en/[email protected]/admin/policies/creating-a-pre-receive-hook-script
docs.gitlab.com/ee/administration/server_hooks.html
github.com/go-gitea/gitea/commit/e00e8d8ad391ded1316d9dade4d2542199141be6
github.com/go-gitea/gitea/pull/13058
github.com/go-gitea/gitea/releases
github.com/PandatiX/CVE-2021-28378
github.com/PandatiX/CVE-2021-28378#notes
www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/
Related
prion
prion
Design/Logic Flaw
2020-10-16 14:15:00
github
github
Arbitrary Code Execution in Gitea
2024-04-22 19:07:03
gitlab
gitlab
Arbitrary Code Execution in Gitea
2024-04-22 00:00:00
openvas
openvas
Gitea >= 1.1.0, <= 1.12.5 RCE Vulnerability
2020-10-28 00:00:00
attackerkb
attackerkb
CVE-2020-14144
2020-10-16 00:00:00
CVE-2020-15867
2020-10-16 00:00:00
cve
cve
CVE-2020-14144
2020-10-16 14:15:11
zdt
zdt
Gitea Git Hooks Remote Code Execution Exploit
2021-04-07 00:00:00
Gitea 1.12.5 - Remote Code Execution (Authenticated) Exploit
2021-02-18 00:00:00
Gogs Git Hooks Remote Code Execution Exploit
2021-04-07 00:00:00
packetstorm
packetstorm
Gitea Git Hooks Remote Code Execution
2021-04-07 00:00:00
Gitea 1.12.5 Remote Code Execution
2021-02-18 00:00:00
Gogs Git Hooks Remote Code Execution
2021-04-07 00:00:00
nuclei
nuclei
Gitea 1.1.0 - 1.12.5 - Remote Code Execution
2023-03-18 22:07:09
cvelist
cvelist
CVE-2020-14144
2020-10-16 13:02:25
nvd
nvd
CVE-2020-14144
2020-10-16 14:15:11
exploitdb
exploitdb
Gitea 1.12.5 - Remote Code Execution (Authenticated)
2021-02-18 00:00:00
metasploit
metasploit
Gitea Git Hooks Remote Code Execution
2021-03-31 14:47:29
Gogs Git Hooks Remote Code Execution
2021-03-31 14:47:29
osv
osv
Arbitrary Code Execution in Gitea
2024-04-22 19:07:03
BIT-gitea-2020-14144
2024-03-06 10:55:48
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-04-09 19:17:46