MidnightBSD

Advisories for degamisu

CVE-2024-24757

open-irs is an issue response robot that reponds to issues in the installed repository. The `.env` file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security-advisories@github.com 7.6 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

Products Affected

Vendor Product Version
degamisu open-irs *