Joe Chen

8 exploits Active since Mar 2022
CVE-2026-25229 WRITEUP MEDIUM WRITEUP
Gogs <=0.13.4 - Privilege Escalation
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have a broken access control vulnerability which allows authenticated users with write access to any repository to modify labels belonging to other repositories. The UpdateLabel function in the Web UI (internal/route/repo/issue.go) fails to verify that the label being modified belongs to the repository specified in the URL path, enabling cross-repository label tampering attacks. The vulnerability exists in the Web UI's label update endpoint POST /:username/:reponame/labels/edit. The handler function UpdateLabel uses an incorrect database query function that bypasses repository ownership validation. This issue has been fixed in version 0.14.1.
CVSS 6.5
CVE-2022-0415 WRITEUP HIGH WRITEUP
Gogs < 0.12.6 - Remote Code Execution via Repository File Upload
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
CVSS 8.8
CVE-2022-0870 WRITEUP MEDIUM WRITEUP
Gogs < 0.12.5 - Server-Side Request Forgery
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.
CVSS 5.3
CVE-2022-0871 WRITEUP CRITICAL WRITEUP
Gogs < 0.12.5 - Missing Authorization
Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5.
CVSS 9.1
CVE-2022-1285 WRITEUP MEDIUM WRITEUP
Gogs < 0.12.8 - Server-Side Request Forgery
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.
CVSS 6.5
CVE-2024-54148 WRITEUP CRITICAL WRITEUP
Gogs < 0.13.1 - Authenticated Path Traversal via Symlink File Commit
Gogs is an open source self-hosted Git service. A malicious user is able to commit and edit a crafted symlink file to a repository to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
CVSS 9.8
CVE-2024-55947 WRITEUP HIGH WRITEUP
Gogs < 0.13.1 - Path Traversal and Arbitrary File Write
Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
CVSS 8.8
CVE-2024-56731 WRITEUP CRITICAL WRITEUP
Gogs < 0.13.3 - Remote Code Execution via .git Directory File Deletion
Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.
CVSS 10.0