rpm package versions - code.gitea.io/gitea/routers/api/packages/rpm

Sep 24, 2025 GO-2025-4261

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Dec 18, 2025 GO-2025-4261

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Nov 22, 2025 GO-2025-4261

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Nov 4, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Oct 29, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Sep 25, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Apr 28, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Oct 25, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Sep 11, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Aug 13, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Aug 4, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jul 15, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jun 20, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jun 19, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jun 10, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Apr 29, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Dec 16, 2024 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

May 12, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Apr 7, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Mar 24, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Mar 4, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Feb 19, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Feb 6, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Feb 5, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jan 10, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Jan 9, 2025 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Dec 17, 2024 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Mar 28, 2024 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Dec 13, 2024 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Dec 11, 2024 GO-2025-4258 +1 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

Nov 25, 2024 GO-2025-4258 +2 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

Oct 9, 2024 GO-2025-4258 +2 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

Sep 5, 2024 GO-2025-4258 +3 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Jul 4, 2024 GO-2025-4258 +5 more

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

May 27, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Apr 27, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Mar 28, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Sep 20, 2023 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Apr 16, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Mar 25, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Mar 22, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Mar 13, 2024 GO-2024-3056 +6 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Feb 26, 2024 GO-2024-3056 +7 more

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

GO-2025-4258: Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea

GO-2025-4261: Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea

GO-2025-4263: Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea

GO-2025-4264: Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea

GO-2025-4266: Gitea inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order in code.gitea.io/gitea

GO-2025-4267: Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea

GO-2025-4268: Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea

Feb 22, 2024 GO-2024-3056 +7 more