CVE-2024-44625

HIGH

CVSS v3

8.8

HIGH

EPSS Score

70.9%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.

Technical Details

Published
11/15/2024

Frequently Asked Questions

What is CVE-2024-44625?

Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.

Is CVE-2024-44625 actively exploited?

Active exploitation of CVE-2024-44625 has not been confirmed. The EPSS score is 70.9%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-44625?

CVE-2024-44625 has a CVSS v3 base score of 8.8 (HIGH severity).

Is CVE-2024-44625 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.