What is the Gitea CNA?
Gitea is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 10 CVE records since 2024.
How many CVEs has Gitea published?
Gitea has published 10 CVE records, including 10 in the last two years.
What is Gitea's CVE data quality grade?
RadicalNotion.AI grades Gitea's CVE data quality as C, with an overall completeness score of 77.5%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (10%), and CWE (100%) information.
What products does Gitea publish CVEs for?
Gitea most frequently publishes CVEs for code.gitea.io/gitea, gitea, Gitea Open Source Git Server, github.com/go-gitea/gitea.
Which vendors does Gitea cover?
Gitea publishes CVEs across 1 distinct vendors, most often code.gitea.io, Gitea, Bitnami, go-gitea.
Is Gitea actively publishing CVEs?
Gitea is currently active, based on 10 CVEs in the last two years.
What is the average severity of Gitea's CVEs?
The average CVSS base score across Gitea's scored CVEs is 10.0.
How many critical CVEs has Gitea published?
Gitea has published 4 critical-severity CVEs and 1 high-severity CVEs.
Are any of Gitea's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of Gitea's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in Gitea's CVEs?
Gitea's CVEs most often map to these CWE weakness types: CWE-284 (Improper Access Control), CWE-639 (Authorization Bypass Through User-Controlled Key), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
How does Gitea rank among CNAs?
By total CVE volume, Gitea ranks #305 of 370 CNAs, and it reports more complete CVE records than 27% of all CNAs.
