oss-sec mailing list archives
Re: CVE-2025-8110 in Gogs self-hosted git service
From: Chad Dougherty <crd477 () icloud com>
Date: Sat, 17 Jan 2026 20:53:54 +0000
On 12/10/25 11:18 PM, Alan Coopersmith wrote:
https://github.com/gogs/gogs offers a MIT-licensed self-hosted git service.https://www.wiz.io/blog/wiz-research-gogs-cve-2025-8110-rce-exploit warns of CVE-2025-8110, an as-yet-unfixed vulnerability in this service which they saythey are seeing being actively exploited.
FYI, this was reportedly fixed in https://github.com/gogs/gogs/pull/8082 -Chad
Current thread:
- Re: CVE-2025-8110 in Gogs self-hosted git service Chad Dougherty (Jan 17)
- Re: CVE-2025-8110 in Gogs self-hosted git service Collin Funk (Jan 17)
- Re: CVE-2025-8110 in Gogs self-hosted git service Michael Orlitzky (Jan 17)
- Re: CVE-2025-8110 in Gogs self-hosted git service Collin Funk (Jan 17)