Lucene search
K

1802 matches found

Fedora
Fedora
added 3 days ago7 views

[SECURITY] Fedora 44 Update: python-pillow-12.3.0-1.fc44

Python image processing library, fork of the Python Imaging Library PIL This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk tk interface, qt PIL image wrapper for Qt, devel developmen...

7.5CVSS6.1AI score0.00364EPSS
Exploits5
Snyk
Snyk
added 2026/07/03 10:19 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:19 p.m.4 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the fork synchronization process. An attacker can access private repository data by continuing to synchronize a fork after the parent repository's visibility changes from public to private. Remediation Upgrade...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:18 p.m.4 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization in the workflow approval process. An attacker can gain unauthorized access to protected resources or perform privileged actions by bypassing the intended approval gate through manipulation of permanent fork pull...

8.9CVSS5.9AI score0.00201EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 10:18 p.m.4 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization in the workflow approval process. An attacker can gain unauthorized access to protected resources or perform privileged actions by bypassing the intended approval gate through manipulation of permanent fork pull...

8.9CVSS5.9AI score0.00201EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 9:17 p.m.8 views

CVE-2026-58424

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS0.00201EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 9:16 p.m.8 views

CVE-2026-22555

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...

8.1CVSS0.00304EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 9:16 p.m.7 views

CVE-2026-24451

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

7.5CVSS0.00482EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:54 p.m.6 views

CVE-2026-58424

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS5.9AI score0.00201EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 8:54 p.m.34 views

CVE-2026-58424

Technical details about CVE-2026-58424 are not publicly available in the provided documents. No product, vector, or impact specifics are included. Monitor for updates in official advisories.

8.9CVSS5.9AI score0.00201EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:54 p.m.35 views

CVE-2026-58424 Permanent Fork PR Workflow Approval Gate Bypass

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/07/03 8:19 p.m.4 views

CVE-2026-24451 Gitea fork synchronization can expose private parent repository data

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.5 views

CVE-2026-24451

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

5.9AI score0.00482EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/07/03 8:19 p.m.21 views

CVE-2026-24451

Gitea 1.26.2 has an information exposure vulnerability where fork synchronization continues after the parent repo switches from public to private, allowing a fork to access data it should not be authorized to see. Connected sources identify this as affecting Gitea components through the fork sync...

7.5CVSS7.2AI score0.00482EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 8:19 p.m.39 views

CVE-2026-24451 Gitea fork synchronization can expose private parent repository data

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized...

0.00482EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:19 p.m.7 views

CVE-2026-22555

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets...

8.1CVSS5.9AI score0.00304EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.17 views

PT-2026-55590

Name of the Vulnerable Software and Affected Versions Gitea version 1.26.2 Description Fork synchronization continues even after a parent repository is changed from public to private. This behavior allows a fork to maintain access and synchronize data from a repository that should no longer be...

7.5CVSS7AI score0.00482EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55657

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists that allows for a permanent fork pull request workflow approval gate bypass. This issue enables an attacker to circumvent the required approval...

8.9CVSS6AI score0.00201EPSS
Exploits0References13
Rows per page
Query Builder