CVE-2025-68944

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.22.2

Description A flaw exists in Gitea where the propagation of token scope for access control is improperly handled within its package registries. This can lead to unauthorized access.

Recommendations Update to Gitea version 1.22.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-441

Related Identifiers

BIT-GITEA-2025-68944

CVE-2025-68944

GHSA-F85H-C7M6-CFPM

GO-2025-4264

SUSE-SU-2026:0037-1

Affected Products

Gitea

CVE-2025-68944

Weakness Enumeration

Related Identifiers

Affected Products

References · 89