- What is the Gitea CNA?
- Gitea is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 10 CVE records since 2024.
- How many CVEs has Gitea published?
- Gitea has published 10 CVE records, including 10 in the last two years.
- What is Gitea's CVE data quality grade?
- RadicalNotion.AI grades Gitea's CVE data quality as C, with an overall completeness score of 77.5%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (10%), and CWE (100%) information.
- What products does Gitea publish CVEs for?
- Gitea most frequently publishes CVEs for gitea, Gitea Open Source Git Server, code.gitea.io/gitea, github.com/go-gitea/gitea, OpenShift Pipelines.
- Which vendors does Gitea cover?
- Gitea publishes CVEs across 1 distinct vendors, most often Gitea, code.gitea.io, Red Hat.
- Is Gitea actively publishing CVEs?
- Gitea is currently active, based on 10 CVEs in the last two years.
- What is the average severity of Gitea's CVEs?
- The average CVSS base score across Gitea's scored CVEs is 10.0.
- How many critical CVEs has Gitea published?
- Gitea has published 15 critical-severity CVEs and 22 high-severity CVEs.
- Are any of Gitea's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of Gitea's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in Gitea's CVEs?
- Gitea's CVEs most often map to these CWE weakness types: CWE-284 (Improper Access Control), CWE-863 (Incorrect Authorization), CWE-862 (Missing Authorization), CWE-639 (Authorization Bypass Through User-Controlled Key).
- How does Gitea rank among CNAs?
- By total CVE volume, Gitea ranks #305 of 370 CNAs, and it reports more complete CVE records than 27% of all CNAs.