All errata/p9/ALT-PU-2020-2899-1
ALT-PU-2020-2899-1

Package update fossil in branch p9

Version2.12.1-alt1
Task#258834
Published2020-09-30
Max severityHIGH
Severity:

Closed issues (2)

CVE-2020-24614
HIGH8.8

Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.

Published: 2020-08-25Modified: 2024-11-21
CVSS 2.0MEDIUM 6.5
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References