← Back

CVE-2019-11228

nvd nist
Published: Apr 15, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.

Affected (3)

Products: Gitea: Gitea
Gitea
1 product
Gitea
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Gitea
Gitea
Before 1.7.6
Gitea
Version 1.8.0 rc1
Gitea
Version 1.8.0 rc2

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: cve@mitre.org
PatchRelease NotesThird Party Advisory
Source: cve@mitre.org
PatchRelease NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchRelease NotesThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchRelease NotesThird Party Advisory

Timeline

No history available yet.