CVE-2022-1285 - Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.

CVE-2022-1285

Summary

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.8.

References

Vulnerable Configurations

cpe:2.3:a:gogs:gogs:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.5:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.8:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.8:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.9:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.11:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.11:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.13:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.5.13:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.9:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.6.15:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.19:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.19:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.22:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.22:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.33:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.7.33:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.10:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.10:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.25:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.25:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.43:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.8.43:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.13:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.13:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.46:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.46:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.48:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.48:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.60:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.60:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.71:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.71:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.97:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.97:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.113:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.113:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.128:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.128:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.141:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.9.141:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10:rc:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10:rc:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.8:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.8:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.18:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.10.18:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11:rc:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11:rc:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.4:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.4:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.19:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.19:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.29:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.29:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.33:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.33:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.34:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.34:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.43:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.43:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.53:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.53:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.66:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.66:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.79:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.79:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.82.1218:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.82.1218:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.86:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.86:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.91:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.11.91:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.3:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.3:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.4:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.4:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.4:rc1:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.4:rc1:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.5:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.5:-:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.5:rc1:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.5:rc1:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.6:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.7:*:*:*:*:*:*:*
cpe:2.3:a:gogs:gogs:0.12.7:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 08-06-2022 - 19:53)
Impact:
Exploitability:

CWE

CWE-918

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

Last major update

08-06-2022 - 19:53

Published

01-06-2022 - 06:15

Last modified

08-06-2022 - 19:53