Homepage

gitea

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the gitea package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-389r-gv7p-r3rp

<1.25.5-r9
  • L
CVE-2026-45022

<1.25.5-r9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<1.25.5-r8
  • H
Insufficiently Protected Credentials

<1.25.5-r5
  • L
Integer Overflow or Wraparound

<1.25.5-r6
  • L
GHSA-pjcq-xvwq-hhpj

<1.25.5-r6
  • L
GHSA-3xc5-wrhm-f963

<1.25.5-r5
  • H
Incorrect Authorization

<1.25.5-r4
  • L
GHSA-5w89-2c2x-6x66

<1.25.5-r4
  • L
GHSA-gm2x-2g9h-ccm8

<1.25.5-r3
  • L
GHSA-jhf3-xxhw-2wpp

<1.25.5-r3
  • L
Improper Validation of Array Index

<1.25.5-r3
  • L
Integer Underflow

<1.25.5-r3
  • L
Improper Authorization

<1.25.5-r1
  • L
GHSA-p77j-4mvh-x3m3

<1.25.5-r1
  • L
Directory Traversal

<1.25.4-r9
  • L
GHSA-rv83-g57w-fr8j

<1.25.4-r9
  • L
GHSA-j3gx-2473-5fp8

<1.25.4-r9
  • L
Direct Request ('Forced Browsing')

<1.25.4-r9
  • L
GHSA-j5pm-7495-qmr3

<1.24.4-r1
  • L
Race Condition

<1.24.4-r1
  • L
GHSA-fw7p-63qq-7hpr

<1.25.4-r3
  • L
CVE-2025-61732

<1.25.4-r1
  • L
Improper Certificate Validation

<1.25.2-r1
  • L
GHSA-vvgc-356p-c3xw

<1.23.7-r1
  • L
GHSA-29wx-vh33-7x7r

<1.22.3-r2
  • L
Improper Initialization

<1.25.4-r3
  • L
GHSA-92cp-5422-2mw7

<1.23.5-r1
  • L
GHSA-r9px-m959-cxf4

<1.22.6-r2
  • L
CVE-2025-22872

<1.23.7-r1
  • L
CVE-2024-34156

<1.22.2-r1
  • L
GHSA-crqm-pwhx-j97f

<1.22.2-r1
  • L
Improper Input Validation

<1.23.5-r1
  • L
Resource Exhaustion

<1.22.6-r2
  • L
GHSA-5mh9-3jwc-rp59

<1.25.2-r1
  • L
GHSA-9w9f-6mg8-jp7w

<1.23.7-r2
  • M
Missing Authentication for Critical Function

<1.23.7-r2
  • L
CVE-2025-58181

<1.25.2-r0
  • L
GHSA-7c64-f9jr-v9h2

<1.25.2-r1
  • L
Improper Certificate Validation

<1.25.2-r1
  • L
Improper Handling of Exceptional Conditions

<1.22.3-r2
  • L
GHSA-q9hv-hpm4-hj6x

<1.25.4-r4
  • C
CVE-2026-1229

<1.25.4-r4
  • L
CVE-2024-45336

<1.23.1-r1
  • L
CVE-2024-34158

<1.22.2-r1
  • L
GHSA-7wrw-r4p8-38rx

<1.23.1-r1
  • L
CVE-2024-45341

<1.23.1-r1
  • L
GHSA-f6x5-jh6r-wrfv

<1.25.2-r0
  • L
CVE-2024-45337

<1.22.5-r0
  • L
GHSA-3f6r-qh9c-x6mm

<1.23.1-r1
  • L
CVE-2024-45338

<1.22.6-r1
  • L
GHSA-j7vj-rw65-4v26

<1.22.2-r1
  • L
GHSA-j5w8-q4qc-rx2x

<1.25.2-r0
  • L
GHSA-w32m-9786-jp63

<1.22.6-r1
  • L
GHSA-8jvr-vh7g-f8gx

<1.25.4-r1
  • L
GHSA-v778-237x-gjrc

<1.22.5-r0
  • C
Arbitrary Argument Injection

<1.24.6-r1
  • L
Asymmetric Resource Consumption (Amplification)

<1.23.5-r2
  • L
GHSA-mh63-6h87-95cp

<1.23.5-r2
  • L
Arbitrary Argument Injection

<1.22.6-r2
  • L
GHSA-37cx-329c-33x3

<1.25.4-r2
  • L
GHSA-v725-9546-7q7m

<1.22.6-r2
  • L
CVE-2024-34155

<1.22.2-r1
  • M
Improper Validation of Integrity Check Value

<1.25.4-r2
  • L
GHSA-wpwj-69cm-q9c5

<1.24.6-r1
  • L
GHSA-8xfx-rj4p-23jm

<1.22.2-r1
  • L
CVE-2025-47914

<1.25.2-r0