[Git][security-tracker-team/security-tracker][master] Add new set of gitea issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jan 23 09:15:36 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
791c8b8f by Salvatore Bonaccorso at 2026-01-23T10:14:09+01:00
Add new set of gitea issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54,21 +54,21 @@ CVE-2026-21264 (Improper neutralization of input during web page generation ('cr
 CVE-2026-21227 (Improper limitation of a pathname to a restricted directory ('path tra ...)
 	TODO: check
 CVE-2026-20912 (Gitea does not properly validate repository ownership when linking att ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20904 (Gitea does not properly validate ownership when toggling OpenID URI vi ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20897 (Gitea does not properly validate repository ownership when deleting Gi ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20888 (Gitea does not properly verify authorization when canceling scheduled  ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20883 (Gitea's stopwatch API does not re-validate repository access permissio ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20800 (Gitea's notification API does not re-validate repository access permis ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20750 (Gitea does not properly validate project ownership in organization pro ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20736 (Gitea does not properly verify repository context when deleting attach ...)
-	TODO: check
+	- gitea <removed>
 CVE-2026-20613 (The ArchiveReader.extractContents() function used by cctl image load a ...)
 	NOT-FOR-US: Apple
 CVE-2026-1201 (An Authorization Bypass Through User-Controlled Key vulnerability in H ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/791c8b8f80f2be8c1fb8c5393b9e10f588de6b54

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/791c8b8f80f2be8c1fb8c5393b9e10f588de6b54
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260123/8dce9d8f/attachment.htm>

More information about the debian-security-tracker-commits mailing list