CVE-2024-39932

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Jul 4, 2024
Updated: Jul 8, 2024
CWE ID 94

Summary

CVE-2024-39932 is a vulnerability affecting Gogs up to version 0.13.0. An attacker can exploit this issue by injecting arguments during the previewing of changes. This can potentially lead to unintended code execution and security breaches. Users are urged to update their Gogs installation to the latest version to mitigate this risk. The flaw can be exploited by manipulating the input during the change preview process, allowing an attacker to execute arbitrary commands. The severity of this vulnerability is high due to the potential for serious consequences, including data theft and system compromise.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share