{"vulnerability": "CVE-2024-39930", "sightings": [{"uuid": "b0b313be-9774-445a-b4d1-1ce7412d6fd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://t.me/cvedetector/62", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39930 - The built-in SSH server of Gogs through 0.13.0 all\", \n  \"Content\": \"CVE ID : CVE-2024-39930 \nPublished : July 4, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-04T18:56:17.000000Z"}, {"uuid": "f5a14e19-0ce7-423f-b6ef-e8291d7c1fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "published-proof-of-concept", "source": "Telegram/BGbdnO5qVCeRESkVN9shfeMdpVcVG1XeThDpF5WVRjJQCD0", "content": "", "creation_timestamp": "2025-07-22T21:00:04.000000Z"}, {"uuid": "8acf4047-7161-4134-a369-470ae478fe2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lt3msrynif27", "content": "", "creation_timestamp": "2025-07-03T21:02:21.368041Z"}, {"uuid": "9ed50da9-9c76-4e1c-8704-f10aa8426f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "Telegram/H_XdvdQ0RFGa4W04r-OC96mZyJdL5Z0dOQUMX7vCpUHJ4Q", "content": "", "creation_timestamp": "2024-07-08T11:51:11.000000Z"}, {"uuid": "89f839b3-d781-4c1b-a8bf-7408e98ab512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "Telegram/HogYaaVw_64T2bfR3Bhxs0uYWj1f06U_DiFsjjv675CLjw", "content": "", "creation_timestamp": "2024-07-08T11:53:58.000000Z"}, {"uuid": "25e251a9-a82d-4a10-88f5-813ba0c7a836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "Telegram/BsDKi1NO35aX5jFw-nQrwozL1BDFKqIrJaNXO44sTuUJDa1q", "content": "", "creation_timestamp": "2024-07-08T13:16:59.000000Z"}, {"uuid": "d69f64a5-0b1a-44f3-9596-4da3d7ef85bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/14554", "content": "The Hacker News\nCritical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service\n\nFour unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.\nThe vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below -\n\nCVE-2024-39930 (CVSS", "creation_timestamp": "2024-07-08T11:53:59.000000Z"}, {"uuid": "fb8a875f-4359-410b-b996-9eaab9e3f80d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://t.me/true_secator/5943", "content": "\u0412 git-\u0441\u0435\u0440\u0432\u0438\u0441\u0435 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 Gogs \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0447\u0435\u0442\u044b\u0440\u0435 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS: 9,9.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n- CVE-2024-39930\u00a0(CVSS: 9,9, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430 \u0432\u043e \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 SSH-\u0441\u0435\u0440\u0432\u0435\u0440),\n- CVE-2024-39931\u00a0(CVSS: 9,9, \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432), - CVE-2024-39932\u00a0(CVSS: 9,9, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439), \n- CVE-2024-39933\u00a0(CVSS: 7,7, \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u0438 \u043c\u0430\u0440\u043a\u0438\u0440\u043e\u0432\u043a\u0435 \u043d\u043e\u0432\u044b\u0445 \u0440\u0435\u043b\u0438\u0437\u043e\u0432).\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c SonarSource, \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0435\u0440\u0432\u044b\u0445 \u0442\u0440\u0435\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Gogs, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.\n\n\u0414\u0440\u0443\u0433\u0438\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043e\u0434, \u043d\u0430\u0446\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0445\u043e\u0441\u0442\u044b, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Gogs, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u0441\u0435 \u0447\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 CVE-2024-39930 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u0431\u044b\u043b \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 SSH, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b env, \u0430 \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u0431\u044b\u043b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0439 \u043a\u043b\u044e\u0447 SSH.\n\n\u0415\u0441\u043b\u0438 \u0432 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0435 Gogs \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044f, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0441\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u0439 \u043a\u043b\u044e\u0447 SSH.\n\n\u0412 \u043f\u0440\u043e\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0443\u044e \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0438\u043b\u0438 \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u0439 \u043a\u043b\u044e\u0447 SSH \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u042d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b Gogs \u043d\u0430 Windows \u043d\u0435 \u043f\u043e\u0434\u0434\u0430\u044e\u0442\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u0430\u043a \u0438 \u043e\u0431\u0440\u0430\u0437 Docker.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430 Debian \u0438 Ubuntu, \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0439 \u0444\u0430\u0439\u043b env \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u043f\u0446\u0438\u044e \"--split-string\".\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shodan, \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u043e\u043a\u043e\u043b\u043e 7300 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 Gogs, \u043f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u0447\u0442\u0438 60% \u0438\u0437 \u043d\u0438\u0445 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u041a\u0438\u0442\u0430\u0435, \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0421\u0428\u0410, \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044f, \u0420\u043e\u0441\u0441\u0438\u044f \u0438 \u0413\u043e\u043d\u043a\u043e\u043d\u0433.\n\n\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u044f\u0441\u043d\u043e, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0437 \u044d\u0442\u0438\u0445 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c SonarSource \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e \u0442\u043e\u043c, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432\u0435\u0441\u044c\u043c\u0430 \u0443\u0434\u0438\u0432\u0438\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0440\u0435\u0430\u043a\u0446\u0438\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a \u0438 \u043d\u0435 \u0432\u043d\u0435\u0441\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0432 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0434\u0438\u0430\u043b\u043e\u0433, \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0442\u0447\u0435\u0442\u0430 28 \u0430\u043f\u0440\u0435\u043b\u044f 2023 \u0433\u043e\u0434\u0430.\n\n\u041f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 SSH-\u0441\u0435\u0440\u0432\u0435\u0440, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0430 \u043d\u0430 Gitea.\n\nSonarSource \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043f\u0440\u0430\u0432\u0434\u0430, \u043f\u043e \u0438\u0445 \u043f\u0440\u0438\u0437\u043d\u0430\u043d\u0438\u044e, \u0435\u0449\u0435 \u043d\u0435 \u0431\u044b\u043b \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d. \u041d\u043e \u0445\u043e\u0442\u044f \u0431\u044b.", "creation_timestamp": "2024-07-08T12:33:12.000000Z"}, {"uuid": "25938f33-ae3c-4d11-963e-053abb40cc5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2841", "content": "The Hacker News\nCritical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service\n\nFour unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.\nThe vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below -\n\nCVE-2024-39930 (CVSS", "creation_timestamp": "2024-07-08T11:53:59.000000Z"}, {"uuid": "2b9ee6f1-f553-4f7c-aa84-9586ffd57d7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "seen", "source": "https://t.me/KomunitiSiber/2213", "content": "Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service\nhttps://thehackernews.com/2024/07/critical-vulnerabilities-disclosed-in.html\n\nFour unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.\nThe vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below -\n\nCVE-2024-39930 (CVSS", "creation_timestamp": "2024-07-08T11:13:36.000000Z"}, {"uuid": "2d5d9e73-e736-42e8-ac04-0fff1f023245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39930", "type": "exploited", "source": "https://t.me/thehackernews/5217", "content": "Four unpatched Gogs Git flaws (CVE-2024-39930 to 39933) let attackers breach instances, steal/modify code, or plant backdoors. \n \nRead more: https://thehackernews.com/2024/07/critical-vulnerabilities-disclosed-in.html \n \n~7,300 exposed instances; 60% in China. Users urged to disable SSH and registration.", "creation_timestamp": "2024-07-08T09:06:41.000000Z"}]}