What the vulnerability does
01Description
Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.
CVE-2022-0870
MEDIUM
CVE-2022-0870: Server-Side Request Forgery (SSRF) in gogs/gogs
CVSS base score
5.0/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Key dates
02Disclosure timeline
March 11, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-33458 Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure
CVE-2024-56736 Apache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
CVE-2026-7412
CVE-2024-31991 Mealie vulnerable to a GET-based SSRF in recipe importer (GHSL-2023-225)
CVE-2026-7604 JeecgBoot OpenApi Service OpenApiController.java OpenApiController.call server-side request forgery
