Security Advisory

CVE-2026-20883

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-22 22:01:50

Last updated 2026-01-23 21:54:21

Assigner Gitea

State PUBLISHED

Description

Giteas stopwatch API does not re-validate repository access permissions. After a users access to a private repository is revoked, they may still view issue titles and repository names through previously started stopwatches.

← Browse all CVEs View on cve.org ↗