8 matches found
EUVD-2024-42713
Malicious code in bioql PyPI...
DEBIAN-CVE-2024-47515
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...
CVE-2024-47515
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...
UBUNTU-CVE-2024-47515
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...
CVE-2024-47515 Pagure: generate_archive() follows symbolic links in temporary clones
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...
CVE-2024-47515
Pagure CVE-2024-47515 involves generate_archive() following symbolic links in temporary clones, enabling disclosure of local files outside repository boundaries. Ubuntu (USN-7984-1) and Debian (DLA-4390-1) advisories reference Pagure fixes; Debian notes version 5.11.3+dfsg-1+deb11u1, Ubuntu patch...
PT-2024-32637 · Pagure +1 · Pagure +1
Name of the Vulnerable Software and Affected Versions: Pagure affected versions not specified Description: A vulnerability was found in Pagure, where the support of symbolic links during repository archiving allows the disclosure of local files. This flaw enables a malicious user to exploit the...
SUSE CVE-2024-47515
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance...