A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
History

Mon, 12 May 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 12 May 2025 19:15:00 +0000

Type Values Removed Values Added
Description A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.
Title Pagure: path traversal in view_issue_raw_file()
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2025-05-12T19:01:45.824Z

Updated: 2025-05-12T19:16:28.730Z

Reserved: 2024-05-15T22:54:26.023Z

Link: CVE-2024-4982

cve-icon Vulnrichment

Updated: 2025-05-12T19:16:21.270Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-05-12T19:15:48.293

Modified: 2025-05-13T19:35:25.503

Link: CVE-2024-4982

cve-icon Redhat

No data.