漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Gitea Release Email Notifications Leak Private Repository Release Details After Access Revocation
Vulnerability Description
Gitea may send release notification emails for private repositories to users whose access has been revoked. When a repository is changed from public to private, users who previously watched the repository may continue to receive release notifications, potentially disclosing release titles, tags, and content.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Gitea 安全漏洞
Vulnerability Description
Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea存在安全漏洞,该漏洞源于未正确验证仓库访问权限,可能导致向已撤销访问权限的用户发送私有仓库的发布通知邮件,泄露发布信息。
CVSS Information
N/A
Vulnerability Type
N/A