VYPR
Unrated severityNVD Advisory· Published May 12, 2025· Updated May 12, 2025

Pagure: _update_file_in_git() follows symbolic links in temporary clones

CVE-2024-4981

Description

A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.