{}

{}

{}

{"bugzilla": {"description": "pagure: Pagure: Information disclosure via unrestricted reStructuredText include directive", "id": "2443259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443259"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.7", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-22", "details": ["A flaw was found in Pagure's rendering engine for reStructuredText (RST) files. An authenticated user can exploit an unrestricted `.. include::` directive within RST files to read arbitrary internal files from the server hosting Pagure. This information disclosure vulnerability allows unauthorized access to sensitive data on the server."], "mitigation": {"lang": "en:us", "value": "To mitigate this vulnerability, restrict authenticated access to the Pagure instance to only trusted and authorized users. This operational control limits the attack surface by ensuring that only privileged individuals can interact with the vulnerable reStructuredText rendering engine. Implement strong authentication and authorization policies for Pagure users to minimize unauthorized access."}, "name": "CVE-2026-3312", "public_date": "2026-03-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-3312\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-3312"], "statement": "This vulnerability in Pagure's reStructuredText (RST) rendering engine allows an authenticated user to read arbitrary internal files from the server. This is due to the `.. include::` directive in the docutils library not being restricted or jailed during the rendering process within Pagure. Exploitation requires an authenticated user to craft a malicious RST file.", "threat_severity": "Moderate"}