vulnerability

Gentoo Linux: CVE-2022-38183: Gitea: Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:L/Au:S/C:C/I:N/A:N)	Aug 12, 2022	Oct 31, 2022	Mar 31, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:N/A:N)

Published

Aug 12, 2022

Added

Oct 31, 2022

Modified

Mar 31, 2026

Description

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea (there was no permission check for fetching the issue). As a result, the attacker would get access to private issue titles.

Solution

gentoo-linux-upgrade-www-apps-gitea

References

CVE-2022-38183
https://attackerkb.com/topics/CVE-2022-38183
CWE-862
EUVD-EUVD-2022-6551
GENTOO-202210-14
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-6551

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today