rpm package
opensuse/pagure&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/pagure&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7628 | — | < 5.13.2-2.2 | 5.13.2-2.2 | Feb 8, 2019 | Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cro |
- CVE-2019-7628Feb 8, 2019affected < 5.13.2-2.2fixed 5.13.2-2.2
Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cro