1802 matches found
[SECURITY] Fedora 44 Update: python-pillow-12.3.0-1.fc44
Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...
Improper Authorization
Overview Affected versions of this package are vulnerable to Improper Authorization in the workflow approval process. An attacker can gain unauthorized access to protected resources or perform privileged actions by bypassing the intended approval gate through manipulation of permanent fork pull...
Improper Authorization
Overview Affected versions of this package are vulnerable to Improper Authorization in the workflow approval process. An attacker can gain unauthorized access to protected resources or perform privileged actions by bypassing the intended approval gate through manipulation of permanent fork pull...
CVE-2026-58424
Permanent Fork PR Workflow Approval Gate Bypass...
CVE-2026-22555
Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...
CVE-2026-24451
Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...
CVE-2026-58424
Permanent Fork PR Workflow Approval Gate Bypass...
CVE-2026-58424
Technical details about CVE-2026-58424 are not publicly available in the provided documents. No product, vector, or impact specifics are included. Monitor for updates in official advisories.
CVE-2026-58424 Permanent Fork PR Workflow Approval Gate Bypass
Permanent Fork PR Workflow Approval Gate Bypass...
CVE-2026-24451
Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...
CVE-2026-24451
Gitea 1.26.2 has an information exposure vulnerability where fork synchronization continues after the parent repo switches from public to private, allowing a fork to access data it should not be authorized to see. Connected sources identify this as affecting Gitea components through the fork sync...
CVE-2026-24451 Gitea fork synchronization can expose private parent repository data
Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...
CVE-2026-24451 Gitea fork synchronization can expose private parent repository data
Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...
CVE-2026-22555
Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...
PT-2026-55590
Name of the Vulnerable Software and Affected Versions Gitea version 1.26.2 Description Fork synchronization continues even after a parent repository is changed from public to private. This behavior allows a fork to maintain access and synchronize data from a repository that should no longer be...
PT-2026-55657
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists that allows for a permanent fork pull request workflow approval gate bypass. This issue enables an attacker to circumvent the required approval...