Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0087: librepo (ALINUX3-SA-2021:0087)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0087 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-14352: A flaw was found in librepo in...

8.5CVSS6.3AI score0.02526EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.18 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : librepo Vulnerability (NS-SA-2021-0170)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has librepo packages installed that are affected by a vulnerability: - A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository...

8.5CVSS6.3AI score0.02526EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.43 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : librepo Vulnerability (NS-SA-2021-0049)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has librepo packages installed that are affected by a vulnerability: - A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository...

8.5CVSS6.3AI score0.02526EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.25 views

Oracle Linux 7 : librepo (ELSA-2020-5012)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5012 advisory. 1.8.1-8 - Validate paths read from repomd.xml RhBug: 1866500 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.5CVSS6.4AI score0.02526EPSS
Exploits0References2
Veracode
Veracode
added 2020/09/09 1:47 a.m.24 views

Directory Traversal

librepo is vulnerable to directory traversal. The vulnerability exists through a missing path validation in repomd.xml...

8CVSS3.3AI score0.02526EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2020/08/30 3:15 p.m.16 views

CVE-2020-14352

A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system v...

8.5CVSS7.6AI score0.02526EPSS
Exploits0References6
Rows per page
Query Builder