Home > Vulnerability Database > CVE-2024-47516

Mend.io Vulnerability Database

CVE-2024-47516

Good to know:

Date: March 25, 2025

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance.

Severity Score

9.8

Related Resources (4)

Url: https://access.redhat.com/security/cve/CVE-2024-47516

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2315805

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-47516

Url: https://www.mend.io/vulnerability-database/CVE-2024-47516

Severity Score

9.8

Weakness Type (CWE)

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-88

Top Fix

Upgrade Version

Upgrade to version https://github.com/Pagure/pagure.git - 5.14.1

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-47516

Good to know:

Date: March 25, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?