CVE-2024-4981 | Pagure Temporary Clone _update_file_in_git symlink

Posted by Angelo Barbosa | May 16, 2024 | CVE

A vulnerability was found in Pagure. It has been rated as critical. Affected by this issue is the function _update_file_in_git of the component Temporary Clone Handler. The manipulation leads to symlink following.

This vulnerability is handled as CVE-2024-4981. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-4981 | Pagure Temporary Clone _update_file_in_git symlink

Related Posts

CVE-2024-5228 | TP-Link Omada ER605 heap-based overflow

CVE-2024-9563 | D-Link DIR-605L 2.13B01 BETA formWlanSetup_Wizard webpage buffer overflow

CVE-2024-22368 | Spreadsheet::ParseXLSX prior 0.28 on Perl XLSX Document resource consumption

CVE-2024-6442 | zephyrproject-rtos Zephyr up to 3.6 Global Buffer ascs.c ascs_cp_rsp_add out-of-bounds write (GHSA-m22j-ccg7-4v4h)