Lucene search
Veracode Vulnerability DatabaseVERACODE:35848HistoryJun 03, 2022 - 5:47 a.m.
Remote Code Execution (RCE)
2022-06-0305:47:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
0.004 Low
EPSS
Percentile
73.1%
github.com/gogs/gogs is vulnerable to remote code execution. The vulnerability exists in the isRepositoryGitPath function in repo_editor.go due to a lack of input validation in git configuration which allows an attacker to upload and execute malicious code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/gogs/gogs | le | v0.12.7 | |
| github.com/gogs/gogs | le | v0.12.7 |
Related
cvelist
cvelist
CVE-2021-32546
2022-05-31 21:21:18
openvas
openvas
Gogs < 0.12.8 RCE Vulnerability
2022-06-03 00:00:00
cve
cve
CVE-2021-32546
2022-06-02 14:15:28
prion
prion
Input validation
2022-06-02 14:15:00
gitlab
gitlab
OS Command Injection in gogs
2022-06-02 00:00:00
osv
osv
OS Command Injection in gogs
2022-06-02 20:52:23
CVE-2021-32546
2022-06-02 14:15:28
alpinelinux
alpinelinux
CVE-2021-32546
2022-06-02 14:15:00
github
github
OS Command Injection in gogs
2022-06-02 20:52:23
nvd
nvd
CVE-2021-32546
2022-06-02 14:15:28