Zurück zur CVE-Übersicht
CVE-2026-20706
NONERisk Signal Score5/100 — NIEDRIG
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
Beschreibung
Gitea versions up to and including 1.26.1 allow repository archive downloads to bypass token scope checks on the web archive download endpoint.
GitHub Advisories
GHSA-cr4g-f395-h25hMEDIUM
Gitea: Token scope bypass on web archive download endpoint
go/code.gitea.io/gitea→ 1.26.2
GitHub Advisory