CVE-2025-68937

EPSS 0.49%
Veröffentlicht 25.12.2025 23:57:30
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerForgejo

≫

Produkt Forgejo

Default Statusunaffected

Version 12.0.0

Version < 13.0.2

Status affected

Version 0

Version < 11.0.7

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.49%	0.381

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
cve@mitre.org	9.5	0	0	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-61 UNIX Symbolic Link (Symlink) Following

The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.

https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/13.0.2.md

https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/11.0.7.md

https://codeberg.org/forgejo/forgejo/milestone/29156

https://codeberg.org/forgejo/forgejo/milestone/27340

https://codeberg.org/forgejo/security-announcements/issues/43

https://blog.gitea.com/release-of-1.24.7/

https://nvd.nist.gov/vuln/detail/CVE-2025-68937

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68937

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68937

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-68937