CVE-2024-4981 | Pagure Temporary Clone _update_file_in_git symlink

Posted by Angelo Barbosa | May 16, 2024 | CVE

A vulnerability was found in Pagure. It has been rated as critical. Affected by this issue is the function _update_file_in_git of the component Temporary Clone Handler. The manipulation leads to symlink following.

This vulnerability is handled as CVE-2024-4981. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-4981 | Pagure Temporary Clone _update_file_in_git symlink

Related Posts

CVE-2024-2743 | GitLab up to 17.1.6/17.2.4/17.3.1 authorization (Issue 451014)

CVE-2024-41861 | Adobe Substance3D Sampler up to 4.5 out-of-bounds (apsb24-65)

CVE-2024-3075 | MM-email2image Plugin up to 0.2.5 on WordPress Shortcode cross site scripting

CVE-2023-52849 | Linux Kernel up to 5.15.138/6.1.62/6.5.11/6.6.1 cxl_mock_mem null pointer dereference