Vulnerabilities > CVE-2024-24757 - Unspecified vulnerability in Degamisu Open-Irs

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

degamisu

critical

NVD

Published: 2024-02-02

Updated: 2024-02-10

Summary

open-irs is an issue response robot that reponds to issues in the installed repository. The `.env` file was accidentally uploaded when working with git actions. This problem is fixed in 1.0.1. Discontinuing all sensitive keys and turning into secrets.

Vulnerable Configurations

Part	Description	Count
Application	Degamisu Degamisu Open IRS *	1

References

https://github.com/Degamisu/open-irs/security/advisories/GHSA-7r69-3vwh-wcfr