cnvd - cnvd-2020-64316

cnvd-2020-64316

Vulnerability from cnvd

Title: Gogs操作系统命令注入漏洞

Description:

Gogs（Go Git Service）是Gogs团队的一个基于Go语言的自助Git托管服务，它支持创建、迁移公开/私有仓库，添加、删除仓库协作者等。

Gogs 1.1.0版本至0.12.5版本 git hook feature存在操作系统命令注入漏洞。目前没有详细的漏洞细节提供。

Severity: 中

Patch Name: Gogs操作系统命令注入漏洞的补丁

Patch Description:

Gogs（Go Git Service）是Gogs团队的一个基于Go语言的自助Git托管服务，它支持创建、迁移公开/私有仓库，添加、删除仓库协作者等。

Gogs 1.1.0版本至0.12.5版本 git hook feature存在操作系统命令注入漏洞。目前没有详细的漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/go-gitea/gitea/releases

Reference: https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/

Impacted products

Name
Gogs Gogs >=1.1.0，<=0.12.5

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-14144",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-14144"
    }
  },
  "description": "Gogs\uff08Go Git Service\uff09\u662fGogs\u56e2\u961f\u7684\u4e00\u4e2a\u57fa\u4e8eGo\u8bed\u8a00\u7684\u81ea\u52a9Git\u6258\u7ba1\u670d\u52a1\uff0c\u5b83\u652f\u6301\u521b\u5efa\u3001\u8fc1\u79fb\u516c\u5f00/\u79c1\u6709\u4ed3\u5e93\uff0c\u6dfb\u52a0\u3001\u5220\u9664\u4ed3\u5e93\u534f\u4f5c\u8005\u7b49\u3002\n\nGogs 1.1.0\u7248\u672c\u81f30.12.5\u7248\u672c git hook feature\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/go-gitea/gitea/releases",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-64316",
  "openTime": "2020-11-19",
  "patchDescription": "Gogs\uff08Go Git Service\uff09\u662fGogs\u56e2\u961f\u7684\u4e00\u4e2a\u57fa\u4e8eGo\u8bed\u8a00\u7684\u81ea\u52a9Git\u6258\u7ba1\u670d\u52a1\uff0c\u5b83\u652f\u6301\u521b\u5efa\u3001\u8fc1\u79fb\u516c\u5f00/\u79c1\u6709\u4ed3\u5e93\uff0c\u6dfb\u52a0\u3001\u5220\u9664\u4ed3\u5e93\u534f\u4f5c\u8005\u7b49\u3002\r\n\r\nGogs 1.1.0\u7248\u672c\u81f30.12.5\u7248\u672c git hook feature\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Gogs\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Gogs Gogs \u003e=1.1.0\uff0c\u003c=0.12.5"
  },
  "referenceLink": "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/",
  "serverity": "\u4e2d",
  "submitTime": "2020-10-19",
  "title": "Gogs\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2020-14144 (GCVE-0-2020-14144)

Vulnerability from cvelistv5

Published

2020-10-16 13:02

Modified

2024-08-04 12:39

Severity ?

CWE

Summary

The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states "This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.

References

▼	URL	Tags
	https://github.com/go-gitea/gitea/releases	x_refsource_MISC
	https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/	x_refsource_MISC
	https://github.com/go-gitea/gitea/pull/13058	x_refsource_MISC
	https://docs.gitlab.com/ee/administration/server_hooks.html	x_refsource_MISC
	https://docs.github.com/en/enterprise-server%402.19/admin/policies/creating-a-pre-receive-hook-script	x_refsource_MISC
	http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html	x_refsource_MISC
	https://github.com/PandatiX/CVE-2021-28378	x_refsource_MISC
	https://github.com/PandatiX/CVE-2021-28378#notes	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:39:35.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/go-gitea/gitea/releases"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/go-gitea/gitea/pull/13058"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.gitlab.com/ee/administration/server_hooks.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.github.com/en/enterprise-server%402.19/admin/policies/creating-a-pre-receive-hook-script"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/PandatiX/CVE-2021-28378"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/PandatiX/CVE-2021-28378#notes"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states \"This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-04T01:50:15",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-gitea/gitea/releases"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-gitea/gitea/pull/13058"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.gitlab.com/ee/administration/server_hooks.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.github.com/en/enterprise-server%402.19/admin/policies/creating-a-pre-receive-hook-script"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PandatiX/CVE-2021-28378"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/PandatiX/CVE-2021-28378#notes"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-14144",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file). NOTE: The vendor has indicated this is not a vulnerability and states \"This is a functionality of the software that is limited to a very limited subset of accounts. If you give someone the privilege to execute arbitrary code on your server, they can execute arbitrary code on your server. We provide very clear warnings to users around this functionality and what it provides.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/go-gitea/gitea/releases",
              "refsource": "MISC",
              "url": "https://github.com/go-gitea/gitea/releases"
            },
            {
              "name": "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/",
              "refsource": "MISC",
              "url": "https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-3-schwachstelle-in-gitea-1125-und-gogs-0122-ermoeglicht-ausfuehrung-von-code-nach-authent/"
            },
            {
              "name": "https://github.com/go-gitea/gitea/pull/13058",
              "refsource": "MISC",
              "url": "https://github.com/go-gitea/gitea/pull/13058"
            },
            {
              "name": "https://docs.gitlab.com/ee/administration/server_hooks.html",
              "refsource": "MISC",
              "url": "https://docs.gitlab.com/ee/administration/server_hooks.html"
            },
            {
              "name": "https://docs.github.com/en/enterprise-server@2.19/admin/policies/creating-a-pre-receive-hook-script",
              "refsource": "MISC",
              "url": "https://docs.github.com/en/enterprise-server@2.19/admin/policies/creating-a-pre-receive-hook-script"
            },
            {
              "name": "http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162122/Gitea-Git-Hooks-Remote-Code-Execution.html"
            },
            {
              "name": "https://github.com/PandatiX/CVE-2021-28378",
              "refsource": "MISC",
              "url": "https://github.com/PandatiX/CVE-2021-28378"
            },
            {
              "name": "https://github.com/PandatiX/CVE-2021-28378#notes",
              "refsource": "MISC",
              "url": "https://github.com/PandatiX/CVE-2021-28378#notes"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-14144",
    "datePublished": "2020-10-16T13:02:25",
    "dateReserved": "2020-06-15T00:00:00",
    "dateUpdated": "2024-08-04T12:39:35.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted