PT-2026-55604 · Gitea · Gitea Open Source Git Server
Fed01K
·
Published
2026-07-03
·
Updated
2026-07-03
·
CVE-2026-27779
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation.
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gitea Open Source Git Server