Is there a bug in github.com/gogits/gogs?

SQL Injection in github.com/gogits/gogs Due to improper sanitization of user input, a number of methods are vulnerable to SQL injection if used with user input that has not been sanitized by the caller. Fixed in github.com/gogits/gogs 0.5.8.

Is there a bug in github.com/gogits/gogs 0.3.1?

SQL Injection in gogs.io/gogs SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues. Fixed in github.com/gogits/gogs 0.5.8.

This package has limited bug data (2 entries). Check back later or see the package health page for the full signal.

github.com/gogits/gogs known bugs

2 known bugs in github.com/gogits/gogs, with affected versions, fixes and workarounds. Sourced from upstream issue trackers.

View package health \u2192 Breaking changes \u2192

bugs

Known bugs

Severity	Affected	Fixed in	Title	Status	Source
medium	any	0.5.8	SQL Injection in github.com/gogits/gogs Due to improper sanitization of user input, a number of methods are vulnerable to SQL injection if used with user input that has not been sanitized by the caller.	fixed	osv:GO-2020-0021
medium	0.3.1

API access

Get this data programmatically \u2014 free, no authentication.

curl https://depscope.dev/api/bugs/go/github.com/gogits/gogs