VYPR

Pagure

by Red Hat

CVEs (5)

  • CVE-2024-47516CriMar 26, 2025
    risk 0.64cvss 9.8epss 0.01

    A vulnerability was found in Pagure. An argument injection in Git during retrieval of the repository history leads to remote code execution on the Pagure instance.

  • CVE-2017-1002151HigSep 14, 2017
    risk 0.49cvss 7.5epss 0.01

    Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization

  • CVE-2016-1000007MedOct 7, 2016
    risk 0.40cvss 6.1epss 0.01

    Pagure 2.2.1 XSS in raw file endpoint

  • CVE-2024-4982May 12, 2025
    risk 0.00cvss epss 0.01

    A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server.

  • CVE-2024-4981May 12, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could unintentionally show incorporate and make visible content from outside the git repo.