Information on source package pagure

Available versions

ReleaseVersion
bullseye5.11.3+dfsg-1
bookworm5.11.3+dfsg-2.1
trixie5.14.1+dfsg-7
forky5.14.1+dfsg-8
sid5.14.1+dfsg-8

Open issues

BugbullseyebookwormtrixieforkysidDescription
CVE-2024-47516vulnerablevulnerable (no DSA, ignored)fixedfixedfixedA vulnerability was found in Pagure. An argument injection in Git duri ...
CVE-2024-47515vulnerablevulnerable (no DSA, ignored)fixedfixedfixedA vulnerability was found in Pagure. Support of symbolic links during ...
CVE-2024-4982vulnerablevulnerable (no DSA, ignored)fixedfixedfixedA directory traversal vulnerability was discovered in Pagure server. I ...
CVE-2024-4981vulnerablevulnerable (no DSA, ignored)fixedfixedfixedA vulnerability was discovered in Pagure server. If a malicious user w ...

Resolved issues

BugDescription
CVE-2019-11556Pagure before 5.6 allows XSS via the templates/blame.html blame view.
CVE-2019-7628Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail serve ...
CVE-2017-1002151Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due t ...
CVE-2016-1000037Pagure: XSS possible in file attachment endpoint
CVE-2016-1000007Pagure 2.2.1 XSS in raw file endpoint
Search for package or bug name: Reporting problems