CVE-2026-27771 - CERT CVE
ID CVE-2026-27771
Sažetak Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information.
Reference
CVSS
Base: 8.2
Impact: 4.2
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 03-07-2026 - 21:16
Objavljeno 03-07-2026 - 21:16