CVE Daily

CVE-2024-4982

A directory traversal vulnerability was discovered in Pagure server. If a malici...

High CVSS 7.6

Overview

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

CWE: CWE-22 Published: 2025-05-12T19:15:48.293
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.6 (HIGH)
  • Detected tags: path (tag impact: MODERATE)

Recommended actions:

  • Canonicalize path; block `..` traversal; use allowlists.

Recommended tools

Tags