code.gitea.io/gitea vulnerabilities

(Apache-2.0 OR MIT OR Unlicense)
>=v1.20.6-0.20231106220621-00705da102be <v1.20.6-0.20231125232141-dfd511faf35f
MIT
>=v0.0.0-20150810145912-2aea247208d4 <v1.20.6-0.20231106220621-00705da102be; >=v1.20.6-0.20231125232141-dfd511faf35f <v1.24.3; >=v1.24.5 <v1.24.6; >=v1.25.0-dev <v1.25.0-dev.0.20250715042616-990ae2bfa8ae; >=v1.25.0-dev.0.20250810004329-a8349c4dc3c8 <v1.25.0-dev.0.20250812080645-e02b47d2f327; >=v1.25.0-dev.0.20250906165618-664522ec6bcb <v1.25.0-dev.0.20250910161114-4d43d8594142; >=v1.25.0-dev.0.20250910202023-593a52c2f049 <v1.25.0-dev.0.20250913180100-4fe1066a17f5; >=v1.25.0-rc0 <v1.26.0-dev
(MIT OR Unlicense)
>=v1.24.3 <v1.24.5; >=v1.24.6 <v1.25.0-dev; >=v1.25.0-dev.0.20250715042616-990ae2bfa8ae <v1.25.0-dev.0.20250810004329-a8349c4dc3c8; >=v1.25.0-dev.0.20250812080645-e02b47d2f327 <v1.25.0-dev.0.20250906165618-664522ec6bcb; >=v1.25.0-dev.0.20250910161114-4d43d8594142 <v1.25.0-dev.0.20250910202023-593a52c2f049; >=v1.25.0-dev.0.20250913180100-4fe1066a17f5 <v1.25.0-rc0; >=v1.26.0-dev
Unknown

Direct Vulnerabilities

Known vulnerabilities in the code.gitea.io/gitea package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
C Improper Access Control	<1.20.6>=1.21.0 <1.21.1
M Cross-site Scripting (XSS)	<1.7.0
H Open Redirect	<1.16.5
L Cross-site Scripting (XSS)	>=1.12.0-dev <1.13.4
H Denial of Service (DoS)	<1.12.0-rc1
H Cross-site Request Forgery (CSRF)	<1.11.2
M Open Redirect	<1.12.0-dev
H Remote Code Execution (RCE)	<1.5.2