CVE-2024-47515 | pagure Temporary Clone generate_archive symlink

Inserito da Angelo Barbosa | Ott 1, 2024 | CVE

A vulnerability was found in pagure. It has been declared as problematic. Affected by this vulnerability is the function generate_archive of the component Temporary Clone Handler. The manipulation leads to symlink following.

This vulnerability is known as CVE-2024-47515. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-47515 | pagure Temporary Clone generate_archive symlink

Post correlati

CVE-2021-47479 | Linux Kernel up to 5.10.78/5.14.17/5.15.1 hal_init.c rtl8712_dl_fw use after free

CVE-2024-2952 | berriai litellm Jinja Template tokenizer_config.json hf_chat_template equivalent special elements

CVE-2023-5711 | System Dashboard Plugin up to 2.8.8 on WordPress sd_php_info authorization

CVE-2024-25288 | SLiMS Bulian 9.6.1 pop-scope-vocabolary.php sql injection