Back to CVE List

CVE-2026-27779

Vulnerability Description

Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-284
Source
NVD
Vendor
Gitea
Product
Gitea Open Source Git Server

External References

Discussion (0)

Add Comment

No comments yet. Be the first!