Affected by GO-2022-0353 and 13 other vulnerabilities

GO-2022-0353: Path Traversal in Gitea in code.gitea.io/gitea

GO-2022-0442: Arbitrary file deletion in gitea in code.gitea.io/gitea

GO-2022-0450: Shell command injection in gitea in code.gitea.io/gitea

GO-2022-0609: Gitea Missing Authorization vulnerability in code.gitea.io/gitea

GO-2022-0612: Stored Cross-site Scripting in gitea in code.gitea.io/gitea

GO-2022-0832: Cross-site Scripting in Gitea in code.gitea.io/gitea

GO-2022-1065: Gitea vulnerable to Argument Injection in code.gitea.io/gitea

GO-2023-1894: code.gitea.io/gitea Open Redirect vulnerability

GO-2023-1971: Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea

GO-2023-1999: Gitea erroneous repo clones in code.gitea.io/gitea

GO-2024-2752: Gitea Open Redirect in code.gitea.io/gitea

GO-2024-2757: Buffer Overflow in gitea in code.gitea.io/gitea

GO-2024-2769: Gitea allowed assignment of private issues in code.gitea.io/gitea

GO-2024-3056: Gitea Cross-site Scripting Vulnerability in code.gitea.io/gitea

services/

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices