CVE-2024-47516
CVE-2024-47516
9.8
CriticalPublished:
Last updated:
Source:secalert@redhat.com
Deferred
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance.
References
secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2024-47516secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2315805