CVE-2024-4982

Опубликовано: 12 мая 2025

Источник: nvd

CVSS3: 7.6

CVSS3: 6.5

EPSS Низкий

Описание

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

Ссылки

https://access.redhat.com/security/cve/CVE-2024-4982
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2279411
Permissions Required
https://bugzilla.redhat.com/show_bug.cgi?id=2280726
Exploit
Issue Tracking
Vendor Advisory
https://pagure.io/pagure/c/c43844d23c919133fc983fe8c0f1dfb3b86e67d0
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:pagure:*:*:*:*:*:*:*:*

Версия до 5.14.1 (исключая)

EPSS

Процентиль: 30%

0.00107

Низкий

7.6 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

CVE-2024-4982

CVSS3: 7.6

ubuntu

9 месяцев назад

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

CVE-2024-4982

CVSS3: 7.6

debian

9 месяцев назад

A directory traversal vulnerability was discovered in Pagure server. I ...

GHSA-g76q-72wv-pxqq

CVSS3: 7.6

github

9 месяцев назад

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

EPSS

Процентиль: 30%

0.00107

Низкий

7.6 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22