CVE-2024-39933

Name
CVE-2024-39933
Description
Gogs through 0.13.0 allows argument injection during the tagging of a new release.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://github.com/gogs/gogs/releases
https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/

Match rules

CPE URI Source package Min version Max version
n/a == n/a == n/a

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
gogs 3.20-community 0.13.0-r14 Will Sinatra <wpsinatra@gmail.com> possibly vulnerable