CVE-2026-3312

A flaw was found in Pagure's rendering engine for reStructuredText RST files. An authenticated user can exploit an unrestricted .. include:: directive within RST files to read arbitrary internal files from the server hosting Pagure. This information disclosure vulnerability allows unauthorized...

Ubuntu: Security Advisory (USN-7984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Pagure vulnerabilities (USN-7984-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7984-1 advisory. Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibl...

Debian dla-4390 : pagure - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4390 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4390-1 [email protected]...

[SECURITY] [DLA 4390-1] pagure security update

Debian LTS Advisory DLA-4390-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert December 01, 2025 https://wiki.debian.org/LTS Package : pagure Version : 5.11.3+dfsg-1+deb11u1 CVE ID : CVE-2024-4981 CVE-2024-4982 CVE-2024-47515 CVE-2024-47516 Debian Bug : 1091383...

Debian: Security Advisory (DLA-4390-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-4390-1 pagure - security update

Bulletin has no description...

EUVD-2016-1043

Malware in sbrugna...

EUVD-2016-1016

Malware in sbrugna...

EUVD-2019-3227

Malware in sbrugna...

EUVD-2019-17161

Malware in sbrugna...

EUVD-2017-1646

Malware in sbrugna...

EUVD-2025-14275

Malicious code in bioql PyPI...

EUVD-2024-42713

Malicious code in bioql PyPI...

EUVD-2025-14277

Malicious code in bioql PyPI...

EUVD-2024-54309

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-47516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure...

Linux Distros Unpatched Vulnerability : CVE-2024-4981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show...

Linux Distros Unpatched Vulnerability : CVE-2024-4982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets...

CVE-2024-4982

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server...