6543

**Name of the Vulnerable Software and Affected Versions** Gitea versions 1.16.6 and prior **Description** The issue is related to the improper handling of git fetch, allowing for shell command injection. This is due to the lack of escaping for the git fetch remote. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Gitea versions 1.16.6 and prior, update to version 1.16.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the `git fetch remote` functionality until a patch is available. Avoid using the `git fetch remote` command in the affected versions until the issue is resolved.