ГлавнаяУязвимости → CVE-2024-24757
7.6высокая

CVE-2024-24757

Описание

open-irs is an issue response robot that reponds to issues in the installed repository. The `.env` file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets.

Затрагиваемое ПО
Degamisu Open-irs
CVSS
Балл7.6 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Источники
https://github.com/Degamisu/open-irs/security/advisories/GHSA-7r69-3vwh-wcfrhttps://github.com/Degamisu/open-irs/security/advisories/GHSA-7r69-3vwh-wcfr