CVE-2020-14144
OS Command Injection in go/github.com/go-gitea/gitea
Identifiers
CVE-2020-14144
Package Slug
go/github.com/go-gitea/gitea
Vulnerability
OS Command Injection
Description
The git hook feature in Gitea allows for authenticated remote code execution.
Affected Versions
All versions starting from 1.1.0 up to 1.12.5
Solution
Upgrade to version 1.12.6 or above.
Last Modified
2020-10-22
| source |