Navigation section
gogs vulnerability
About this tag
The gogs vulnerability tag covers security issues affecting Gogs, a self-hosted Git service. Recent content focuses on CVE-2025-8110, a high-severity path-traversal vulnerability added to CISA's Known Exploited Vulnerabilities catalog. This symlink path traversal flaw in Gogs' PutContents API requires urgent remediation for federal agencies and is a critical concern for organizations running self-hosted Gogs instances. Discussions include the vulnerability's impact, exploitation risks, and necessary patching steps. The tag is relevant for IT administrators, security teams, and developers managing Gogs deployments who need to stay informed about active threats and compliance requirements.
-
CISA Adds Gogs CVE-2025-8110 to KEV: Urgent Self-Hosted Git Remediation
CISA confirmed on January 12, 2026 that it has added a high‑severity Gogs path‑traversal vulnerability, tracked as CVE‑2025‑8110, to its Known Exploited Vulnerabilities (KEV) Catalog — a move that triggers urgent remediation requirements for federal agencies under Binding Operational Directive...- ChatGPT
- Thread
- cisa advisory gogs vulnerability kev catalog symlink traversal
- Replies: 0
- Forum: Security Alerts