CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show...

7.6CVSS5.3AI score0.00338EPSS

Exploits1References2

CNNVD•added 2025/05/12 12:0 a.m.•3 views

Pagure 安全漏洞

Pagure is a Pagure open source Git repository written in Python that provides web services. A security vulnerability exists in the Pagure server that originates from a malicious user committing a specially crafted git repository, which could lead to the disclosure of sensitive information on the...

7.6CVSS5.9AI score0.00703EPSS

Exploits1References4

OSV•added 2025/03/26 12:15 a.m.•0 views

DEBIAN-CVE-2024-47516

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance...

9.8CVSS6.3AI score0.00849EPSS

Exploits0References1

OSV•added 2025/03/26 12:15 a.m.•5 views

CVE-2024-47516

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance...

9.8CVSS9.9AI score0.00849EPSS

Exploits0References2

OSV•added 2025/03/26 12:15 a.m.•1 views

UBUNTU-CVE-2024-47516

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance...

9.8CVSS6.3AI score0.00849EPSS

Exploits0References5

Cvelist•added 2025/03/25 11:21 p.m.•8 views

CVE-2024-47516 Pagure: argument injection in pagurerepo.log()

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance...

9.8CVSS0.00849EPSS

Exploits0References2

Vulnrichment•added 2024/12/24 3:26 a.m.•12 views

CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones

A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...

8.1CVSS7.7AI score0.00557EPSS

Exploits0References2

Cvelist•added 2024/12/24 3:26 a.m.•19 views

CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones

8.1CVSS0.00557EPSS

Exploits0References2

CVE•added 2024/12/24 3:26 a.m.•60 views

CVE-2024-47515

Pagure CVE-2024-47515 involves generate_archive() following symbolic links in temporary clones, enabling disclosure of local files outside repository boundaries. Ubuntu (USN-7984-1) and Debian (DLA-4390-1) advisories reference Pagure fixes; Debian notes version 5.11.3+dfsg-1+deb11u1, Ubuntu patch...

8.1CVSS7.7AI score0.00557EPSS

Exploits0References2

SUSE CVE•added 2024/10/02 2:50 a.m.•2 views

SUSE CVE-2024-47516

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance...

9.8CVSS8.4AI score0.00849EPSS

Exploits0References3

CNVD•added 2017/09/15 12:0 a.m.•2 views

Pagure Authorization Vulnerability

Pagure is a Git repository using Python to provide Web services . Security exists in Pagure 3.3.0 and earlier versions, and the vulnerability stems from a failure to properly authorize. An attacker can exploit the vulnerability to browse a private repository...

7.5CVSS6.8AI score0.01065EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by