Description
Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder can dictate the value which is passed to the git diff command which, together with bypassing the filtering of the passed value, allows the user to bypass the target directory and write the result of the comparison to any arbitrary path. This vulnerability is fixed in 0.14.0.
Published: 2026-06-24
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Gogs allows an authorized user to supply a value that bypasses path filtering in the git diff command, enabling writes to arbitrary locations on the file system, potentially overwriting critical files and causing a denial of service.

Affected Systems

Gogs instances running any version earlier than 0.14.0 are vulnerable. The issue exists for all deployments of gogs:gogs before the patch.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity. The EPSS score is not available and the vulnerability is not listed in CISA KEV. It is exploitable only by an authenticated user with write access through the Git interface. Once exploited, an attacker can overwrite critical files and potentially cause application downtime or corruption.

Generated by OpenCVE AI on June 25, 2026 at 00:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Gogs 0.14.0 or later to receive the fix for the arbitrary file write issue.
  • Enforce least privilege on Git user accounts, ensuring they cannot trigger arbitrary git diff operations with crafted inputs.
  • Restrict writes to critical directories by applying file system permissions or chroot constraints.

Generated by OpenCVE AI on June 25, 2026 at 00:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-pm6v-2h4w-4rp2 Gogs: Overwriting critical files results in a denial of service
History

Thu, 25 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 06:00:00 +0000

Type Values Removed Values Added
First Time appeared Gogs
Gogs gogs
Vendors & Products Gogs
Gogs gogs

Wed, 24 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Description Gogs is an open source self-hosted Git service. Prior to 0.14.0, as an authorized user, an intruder can dictate the value which is passed to the git diff command which, together with bypassing the filtering of the passed value, allows the user to bypass the target directory and write the result of the comparison to any arbitrary path. This vulnerability is fixed in 0.14.0.
Title Gogs: Overwriting critical files results in a denial of service
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 8.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-25T12:37:15.049Z

Reserved: 2026-06-08T18:02:19.731Z

Link: CVE-2026-52797

cve-icon Vulnrichment

Updated: 2026-06-25T12:36:52.783Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T05:45:02Z

Weaknesses
  • CWE-22

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')