High severity8.4OSV Advisory· Published Jan 20, 2025· Updated Apr 15, 2026
CVE-2025-24337
CVE-2025-24337
Description
WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/writefreely/writefreelyGo | <= 0.15.1 | — |
Affected products
5- Range: v0.1.0, v0.10.0, v0.11.0, …
- ghsa-coords4 versionspkg:golang/github.com/writefreely/writefreelypkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweedpkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
<= 0.15.1+ 3 more
- (no CPE)range: <= 0.15.1
- (no CPE)range: < 0.0.20250128T150132-150000.1.29.1
- (no CPE)range: < 0.0.20250128T150132-1.1
- (no CPE)range: < 0.0.20250128T150132-150000.1.29.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.