SecurityBleepingComputerabout 2 hours ago

Gogs patches critical zero-day enabling remote code execution

1 min read

Gogs released version 0.14.3 on June 7 to patch a critical argument injection vulnerability enabling remote code execution. The flaw affects all releases up to 0.14.2 and 0.15.0+dev. Authenticated attackers can compromise servers, read private repositories, steal credentials, and alter source code. Rapid7 recommends immediate upgrade.

Level

Hype check

Tap to vote and see what everyone thinks.

#gogs #security #vulnerability

Read full story

More to chew on!

Securityabout 3 hours ago

Critical UniFi OS bug lets hackers gain root without authentication

Securityabout 6 hours ago

Check Point links VPN zero-day attacks to Qilin ransomware gang