Every CVE whose affected-product data names Redhat Pagure, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-4982 — CVSS 7.6 (high): A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they…
CVE-2024-4981 — CVSS 7.6 (high): A vulnerability was discovered in Pagure server. If a malicious user were to submit a git repository with symbolic links, the server could…
CVE-2019-7628 — CVSS 5.9 (medium): Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle…