CVE-2024-55947
CVSS V2 None
CVSS V3 None
Description
Gogs is an open source self-hosted Git service. A malicious user is able to write a file to an arbitrary path on the server to gain SSH access to the server. The vulnerability is fixed in 0.13.1.
Overview
- CVE ID
- CVE-2024-55947
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-23T15:26:47.507Z
- Last Modified Date
- 2024-12-23T15:26:47.507Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/gogs/gogs/security/advisories/GHSA-qf5v-rp47-55gg | x_refsource_CONFIRM |
https://github.com/gogs/gogs/issues/7582 | x_refsource_MISC |
https://github.com/gogs/gogs/pull/7859 | x_refsource_MISC |
https://github.com/gogs/gogs/commit/9a9388ace25bd646f5098cb9193d983332c34e41 | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-55947 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55947 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-24 13:10:54 | Added to TrackCVE |