top of page
perceptive_background_267k.jpg

Gogs contains a path traversal vulnerability affecting improper Symbolic link handling in the PutContents API that could allow for code execution.

Published:

12 January 2026 at 00:00:00

Alert date:

12 January 2026 at 19:01:33

Source:

cisa.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

CVE-2025-8110 is a path traversal vulnerability in Gogs that affects improper symbolic link handling in the PutContents API. This vulnerability could potentially allow attackers to achieve code execution by exploiting the path traversal flaw. The issue has been addressed with a fix available in the Gogs repository. Given the potential for code execution, this vulnerability represents a significant security risk for organizations using affected versions of Gogs.

Technical details

Mitigation steps:

Affected products:

Gogs

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-8110
https://github.com/gogs/gogs/commit/553707f3fd5f68f47f531cfcff56aa3ec294c6f6

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page