Unrated severityNVD Advisory· Published Aug 25, 2020· Updated Aug 4, 2024
CVE-2020-24614
CVE-2020-24614
Description
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- Fossil/Fossildescription
- Range: <2.10.2 || (>=2.11.0, <2.11.2) || (>=2.12.0, <2.12.1)
- osv-coords5 versionspkg:rpm/opensuse/fossil&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/fossil&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/fossil&distro=openSUSE%20Tumbleweedpkg:rpm/suse/fossil&distro=SUSE%20Package%20Hub%2015%20SP1pkg:rpm/suse/fossil&distro=SUSE%20Package%20Hub%2015%20SP2
< 2.12.1-bp152.2.3.1+ 4 more
- (no CPE)range: < 2.12.1-bp152.2.3.1
- (no CPE)range: < 2.12.1-bp152.2.3.1
- (no CPE)range: < 2.16-1.2
- (no CPE)range: < 2.12.1-bp152.2.3.1
- (no CPE)range: < 2.12.1-bp152.2.3.1
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2020-09/msg00065.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ARYF4YMYXCANXUDS3B3CA4JGUZNUJOJA/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVZK4K7SFBQRCGCHS76HW2LTSEH2KSUM/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202011-04mitrevendor-advisoryx_refsource_GENTOO
- www.openwall.com/lists/oss-security/2020/08/25/1mitremailing-listx_refsource_MLIST
- fossil-scm.org/forum/info/a05ae3ce7760daf6mitrex_refsource_MISC
- fossil-scm.org/fossil/vdiffmitrex_refsource_CONFIRM
- www.openwall.com/lists/oss-security/2020/08/20/1mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.