
We found results for “”
CVE-2024-39932
Good to know:

Date: July 3, 2024
Gogs through 0.13.0 allows argument injection during the previewing of changes. The original fix version, 0.13.1, was pulled back due to certain issues. The vendor recommends upgrading to 0.13.2. See https://github.com/gogs/gogs/releases/tag/v0.13.1
Language: Go
Severity Score
Related Resources (8)
Severity Score
Weakness Type (CWE)
Improper Control of Generation of Code ('Code Injection')
CWE-94Top Fix

CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | CHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |