SecBoard
Zurück zur CVE-Übersicht

CVE-2026-20706

NONE
Risk Signal Score5/100 — NIEDRIG

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

Beschreibung

Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint.

GitHub Advisories

GHSA-cr4g-f395-h25hMEDIUM

Gitea: Token scope bypass on web archive download endpoint

go/code.gitea.io/gitea1.26.2
GitHub Advisory

Referenzen