CVE-2024-47515

High

A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local…

redhat·CWE-61·Published 2024-12-24

CVSS

8.1

EPSS

0.01

KEV

Exploits

cve.orgen

220 chars

A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage of the Pagure instance.

NVDen

220 chars

NVDes

239 chars

Se encontró una vulnerabilidad en Pagure. El soporte de enlaces simbólicos durante el archivado de repositorios permite la divulgación de archivos locales. Esta falla permite que un usuario malintencionado aproveche la instancia de Pagure.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.1	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3.1	Primary	cve.org	8.1	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N