CVE-2020-13246

CVE-2020-13246

EPSS 2.0%

An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/go-gitea/gitea/issues/10549 https://github.com/go-gitea/gitea/pull/11438 https://www.youtube.com/watch?v=DmVgADSVS88