Stats Digest Feeds
โ† Back to all CVEs

CVE-2026-28705

UNKNOWN NVD
CVSS Score 0
Severity UNKNOWN
Published Jul 03, 2026
Vendor unknown

Description

Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths.

References