Zeripath

**Name of the Vulnerable Software and Affected Versions** Gitea versions prior to 1.17.2 **Description** The issue allows repo cloning to occur in the migration function. **Recommendations** For versions prior to 1.17.2, update to version 1.17.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gitea versions prior to 1.11.2 **Description** The issue is related to trusting HTTP permission methods on the server side when referencing the vulnerable admin or user API, which could allow a remote malicious user to execute arbitrary code. It is also associated with a capture-replay vulnerability that could enable a remote attacker to bypass security restrictions, gain unauthorized access to read, modify, or delete data, or execute arbitrary code. **Recommendations** For versions prior to 1.11.2, update to version 1.11.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable admin or user API until a patch is available. Avoid using the vulnerable API endpoints, such as `/api/v1/login` or `/users/{id}`, until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Gitea versions 1.6.2 and earlier Description: The issue is related to Incorrect Access Control in the Delete/Edit file functionality, allowing an attacker to delete files outside the repository they have access to. This can be exploited by gaining write access to any repository, including self-created ones. Recommendations: For Gitea versions 1.6.2 and earlier, update to version 1.6.3 or 1.7.0-rc2 to resolve the issue. As a temporary workaround, consider restricting write access to repositories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Gitea versions prior to 1.7.0 **Description** A Server Side Request Forgery (SSRF) issue exists, allowing a remote attacker to exploit the vulnerability using a specially crafted OpenID URL. This can lead to sensitive information about the local network being leaked through the error provided by the UI. **Recommendations** For versions prior to 1.7.0, update to version 1.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the OpenID URL to minimize the risk of exploitation.