rpm package
opensuse/rime-plum-go&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rime-plum-go&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-2161 | — | < 1.0.3-1.1 | 1.0.3-1.1 | Apr 14, 2025 | Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup | ||
| CVE-2025-21613 | — | < 1.0.3-1.1 | 1.0.3-1.1 | Jan 6, 2025 | go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flag | ||
| CVE-2024-45337 | Cri | 9.1 | < 1.0.3-1.1 | 1.0.3-1.1 | Dec 12, 2024 | Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that |
- CVE-2025-2161Apr 14, 2025affected < 1.0.3-1.1fixed 1.0.3-1.1
Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup
- CVE-2025-21613Jan 6, 2025affected < 1.0.3-1.1fixed 1.0.3-1.1
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flag
- affected < 1.0.3-1.1fixed 1.0.3-1.1
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that