Unrated severityNVD Advisory· Published May 12, 2025· Updated May 12, 2025
Pagure: _update_file_in_git() follows symbolic links in temporary clones
CVE-2024-4981
Description
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
4- access.redhat.com/security/cve/CVE-2024-4981mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitre
- pagure.io/pagure/c/454f2677bc50d7176f07da9784882eb2176537f4mitre
News mentions
0No linked articles in our index yet.