Vulnerabilities

CVE-2025-23012

by Fred · 23/01/2025

Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) with default credentials and privileges to read read local files by manipulating datastreams. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23).

More information : https://github.com/fcrepo/fcrepo/releases

Similar

Tags: Cybersecurity Alert