Lucene search

Pagure Security Vulnerabilities

cve

CVE-2017-1002151

Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper...

7.5CVSS

7.5AI Score

0.002EPSS

2022-10-03 04:22 PM

cve

CVE-2019-11556

Pagure before 5.6 allows XSS via the templates/blame.html blame...

6.1CVSS

5.8AI Score

0.001EPSS

2020-09-25 06:15 AM

125

cve

CVE-2016-1000037

Pagure: XSS possible in file attachment...

6.1CVSS

5.9AI Score

0.001EPSS

2019-11-06 07:15 PM

cve

CVE-2019-7628

Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in...

5.9CVSS

5.5AI Score

0.001EPSS

2019-02-08 03:29 AM

cve

CVE-2016-1000007

Pagure 2.2.1 XSS in raw file...

6.1CVSS

5.9AI Score

0.001EPSS

2016-10-07 06:59 PM