CVE-2021-45328

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-45328

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45328.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-45328

Aliases

Downstream

UBUNTU-CVE-2021-45328

Published

2022-02-08T16:15:07Z

Modified

2025-11-10T14:09:33.197362Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.

References

Affected packages

Git / github.com/go-gitea/gitea

Affected ranges

Type: GIT
Repo: https://github.com/go-gitea/gitea
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

96c63a49376cd71c29a92e9a1685f07653376668

Git / github.com/jenkinsci/gitea-plugin

Affected ranges

Type: GIT
Repo: https://github.com/jenkinsci/gitea-plugin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

8288e82a157e9e3080788fd92e06023f022cac51

Affected versions

1.*

1.4.0--rc182.9eb947470fcf

1.4.1

1.4.2

gitea-1.*

gitea-1.0.0

gitea-1.0.1

gitea-1.0.2

gitea-1.0.3

gitea-1.0.4

gitea-1.0.5

gitea-1.0.6

gitea-1.0.7

gitea-1.0.8

gitea-1.1.0

gitea-1.1.1

gitea-1.1.2

gitea-1.2.0

gitea-1.2.1

gitea-1.3.0

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "target": {
            "function": "checkoutUriTemplate",
            "file": "src/main/java/org/jenkinsci/plugin/gitea/GiteaSCMBuilder.java"
        },
        "digest": {
            "function_hash": "266004834748904800046261870251710986605",
            "length": 1590.0
        },
        "deprecated": false,
        "id": "CVE-2021-45328-55adc3b7",
        "source": "https://github.com/jenkinsci/gitea-plugin/commit/8288e82a157e9e3080788fd92e06023f022cac51"
    },
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "target": {
            "file": "src/main/java/org/jenkinsci/plugin/gitea/GiteaSCMBuilder.java"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "98450502315083623480527011456022893768",
                "329176110356089968377782171926677183305",
                "130416140511573562415101847425282896439",
                "245065226014255470495692052047173648548",
                "14892499485354592639347529893470868689",
                "154332586271384460545820730403858493314",
                "196695406182218540758730850413267679277",
                "249030414729594135643648763441564174601",
                "85574347713603382808140755503059208421",
                "48118297772435877604860147644500902040",
                "331720843367794508373319238884739634231",
                "187375135658614148498287285781997943139"
            ]
        },
        "deprecated": false,
        "id": "CVE-2021-45328-adfad481",
        "source": "https://github.com/jenkinsci/gitea-plugin/commit/8288e82a157e9e3080788fd92e06023f022cac51"
    }
]