Redhat Pagure
7 CVEs affecting Redhat Pagure. Latest disclosed: 2025-05-12. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4982 | High | 7.6 | 2025-05-12 | A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secret… |
CVE-2024-4981 | High | 7.6 | 2025-05-12 | A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show… |
CVE-2017-1002151 | High | 7.5 | 2017-09-14 | Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization |
CVE-2019-11556 | Medium | 6.1 | 2020-09-25 | Pagure before 5.6 allows XSS via the templates/blame.html blame view. |
CVE-2016-1000037 | Medium | 6.1 | 2019-11-06 | Pagure: XSS possible in file attachment endpoint |
CVE-2016-1000007 | Medium | 6.1 | 2016-10-07 | Pagure 2.2.1 XSS in raw file endpoint |
CVE-2019-7628 | Medium | 5.9 | 2019-02-08 | Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these… |