Redhat Pagure

7 CVEs affecting Redhat Pagure. Latest disclosed: 2025-05-12. Critical: 0, High: 3.

Top CVEs affecting Redhat Pagure
CVESeverityScorePublishedSummary
CVE-2024-4982High7.62025-05-12A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secret…
CVE-2024-4981High7.62025-05-12A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show…
CVE-2017-1002151High7.52017-09-14Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization
CVE-2019-11556Medium6.12020-09-25Pagure before 5.6 allows XSS via the templates/blame.html blame view.
CVE-2016-1000037Medium6.12019-11-06Pagure: XSS possible in file attachment endpoint
CVE-2016-1000007Medium6.12016-10-07Pagure 2.2.1 XSS in raw file endpoint
CVE-2019-7628Medium5.92019-02-08Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these…