Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="482bb980-99a3-11ee-b5f7-6bd56600d90c"> |
2 |
<topic>gitea -- missing permission checks</topic> |
3 |
<affects> |
4 |
<package> |
5 |
<name>gitea</name> |
6 |
<range><lt>1.21.2</lt></range> |
7 |
</package> |
8 |
</affects> |
9 |
<description> |
10 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
11 |
<p>The Gitea team reports:</p> |
12 |
<blockquote cite="https://github.com/go-gitea/gitea/pull/28406"> |
13 |
<p>Fix missing check</p> |
14 |
</blockquote> |
15 |
<blockquote cite="https://github.com/go-gitea/gitea/pull/28423"> |
16 |
<p>Do some missing checks</p> |
17 |
</blockquote> |
18 |
<p>By crafting an API request, attackers can access the contents of |
19 |
issues even though the logged-in user does not have access rights to |
20 |
these issues.</p> |
21 |
</body> |
22 |
</description> |
23 |
<references> |
24 |
<url>https://github.com/go-gitea/gitea/releases/tag/v1.21.2</url> |
25 |
</references> |
26 |
<dates> |
27 |
<discovery>2023-08-30</discovery> |
28 |
<entry>2023-09-10</entry> |
29 |
</dates> |
30 |
</vuln> |
31 |
|
1 |
<vuln vid="8eefff69-997f-11ee-8e38-002590c1f29c"> |
32 |
<vuln vid="8eefff69-997f-11ee-8e38-002590c1f29c"> |
2 |
<topic>FreeBSD -- NFS client data corruption and kernel memory disclosure</topic> |
33 |
<topic>FreeBSD -- NFS client data corruption and kernel memory disclosure</topic> |
3 |
<affects> |
34 |
<affects> |