PT-2021-20333 · Gitea+1 · Gitea+1

Rt-95

Published

2021-02-05

Updated

2024-06-04

CVE-2021-3382

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: gitea versions 1.9.0 through 1.13.1

Description: The issue is a stack buffer overflow vulnerability that allows remote attackers to cause a denial of service, resulting in a crash, via vectors related to a file path.

Recommendations: For gitea versions 1.9.0 through 1.13.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to file paths that could be used to exploit this vulnerability until a patch is available.

Fix

DoS

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2021-1612

ALT-PU-2022-1257

BIT-GITEA-2021-3382

CVE-2021-3382

GHSA-9F8C-PFVV-P4GM

GO-2024-2757

Affected Products

Alt Linux

Gitea

PT-2021-20333 · Gitea+1 · Gitea+1

CVE-2021-3382

Weakness Enumeration

Related Identifiers

Affected Products

References · 10