5 matches found
CVE-2026-11853
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...
CVE-2026-11853
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...
EUVD-2026-35999
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...
CVE-2026-11853
Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...
CVE-2026-11853
CVE-2026-11853 affects Debusine, where the parser used to read Debian source manifests (.dsc) and artefacts (.changes) accepts arbitrary fully user-controlled paths. The mergeuploads task can be abused to create arbitrary symbolic links on a worker, allowing overwriting any file the worker user c...