Vendor
critical
advisory
Gogs Remote Code Execution via git rebase --exec Argument Injection (GHSA-qf6p-p7ww-cwr9)
1 rule 5 TTPsGogs, a self-hosted Git service, is vulnerable to a Critical (CVSS 9.9) Remote Code Execution (RCE) via `git rebase --exec` argument injection (GHSA-qf6p-p7ww-cwr9) during pull request merge operations, allowing an authenticated attacker to execute arbitrary commands as the Gogs server process user and achieve full server compromise.
Gogs 0.14.2 +2
rce
gogs
git
code-repository
vulnerability
argument-injection
server-side-request-forgery
1r
5t
critical
advisory
Gogs Vulnerability Allows Remote Code Execution
2 rules 1 TTPAn authenticated remote attacker can exploit a vulnerability in Gogs to execute arbitrary code, potentially leading to complete system compromise.
Gogs
code-execution
git
web-application
2r
1t
critical
threat
Gogs Zero-Day Vulnerability Enables Remote Code Execution
2 rules 1 TTP 5 CVEsAn unpatched argument injection vulnerability in Gogs (versions 0.14.2 and 0.15.0+dev) allows authenticated attackers to achieve remote code execution (RCE) on vulnerable instances, potentially leading to complete server compromise.
exploited
Gogs 0.14.2 +1
rce
zero-day
argument injection
2r
1t
5c