Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
History

Fri, 03 Jul 2026 20:45:00 +0000

Type Values Removed Values Added
Description Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
Title Gitea tracked-time list endpoint has insufficient permission checks
Weaknesses CWE-284
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Gitea

Published:

Updated: 2026-07-03T20:19:29.943Z

Reserved: 2026-02-22T15:13:33.704Z

Link: CVE-2026-20909

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.