Security Advisory

CVE-2020-28991

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-11-24 00:29:39

Last updated 2024-08-04 16:48:01

Assigner mitre

State PUBLISHED

Description

Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines (with URL encoding) in ParseRemoteAddr in modules/auth/repo_form.go.

← Browse all CVEs View on cve.org ↗