Loading
The avatar middleware in Gitea before 1.13.6 allows Directory Traversal via a crafted URL.
Use CWE-22, Gitea vendor hub and Gitea product page to widen CVE-2021-29134 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-20912, CVE-2026-20897 and CVE-2026-20750 for nearby disclosures in the same product family.